joe90kane
asked on
Allow two IP's see each other?
Hi,
I have a Cisco ASA 5510 configured; I have added a web server inside the network and is accessible from outside.
I want to allow all internal users to see the website using the domain instead of the internal ip address.
Can this be done via the ASA? Both the users and webserver are using the same public IP address.
Thanks, Joe
I have a Cisco ASA 5510 configured; I have added a web server inside the network and is accessible from outside.
I want to allow all internal users to see the website using the domain instead of the internal ip address.
Can this be done via the ASA? Both the users and webserver are using the same public IP address.
Thanks, Joe
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Another article that got this working: https://www.experts-exchange.com/questions/24026565/Cisco-ASA-8-0-Hairpinning-Config.html
Heres what you can try. Make sure your dns points to your public IP and try this
static (inside,inside) Public_IP Private_IP netmask 255.255.255.255
static (inside,inside) Public_IP Private_IP netmask 255.255.255.255
ASKER
Thanks for the comments the hairpinning setup is working great - Is there any security concerns related to the setup?
I can't think of any explicit security issues but you should be aware of the additional www traffic that will be passing through your ASA, whereas if you used internal DNS to resolve it would never hit the ASA.
technically there is no point to go through the ASA to view an internal web site
just configure your DNS server to resolve the IP internally
that would be the correct way to do it
just configure your DNS server to resolve the IP internally
that would be the correct way to do it