Accessing Published Service/server(outside interface) from local interface (lAN)

hellosoft used Ask the Experts™

i have published a SIP server on ASA-5510 Firewall using public ipaddress on Outside interface.

bothe local (lAN) and internet/public users can access this server/service with out any issue.

Now our LAN users want to access this published server using it's published ip address (published ipaddress)

can any body tell me how to configure this.

Thanks in advance,
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
The best practice method to do this would be to use a hostname instead of an IP address.

Using a hostname, you can have "split dns" so that internal host will resolve the hostname to the internal address and external hosts will resolve to the external address.

If you did not want to run a copy of the DNS zone internally, you could use DNS rewrite on the ASA.

I know I haven't answered the question directly, but I have provided a best practice work around :-)
Cyclops3590Sr Software Engineer
I concur with ArneLovius that I would use the fqdn instead of an IP address as well, unless of course you can't for some reason.  It helps to abstract the layers between the application and underlying network so if you have to move servers or IP schemes then you just update DNS and everything automatically switches over.


any one with detailed explanation please
What you are trying to do is against best practice.

It would be helpful if you posted a suitably sanitised copy of your current config.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial