Firewall, allow inside to access outside interface

Dear all,

I have a firewall with several public IP's for different services. One service should be accessible from the inside but I haven't found any way to solve this on my inside network so I must route my inside hosts to the specific public IP address.

I'm pretty sure it's just a security policy, and maybe I must edit the NAT list but I'm not exactly sure.

I have a Palo Alto firewall, but I guess any suggestions will work since this is a more "generic" question...
Who is Participating?
arober11Connect With a Mentor Commented:
Sound like your after a hairpin NAT rule; have no experience of Palo Alto Firewalls so can't comment as to whether they are supported, or how you would configure a rule.

If you can't define a rule it may be worth considering adding a few local DNS entries for your public services,, to make them accessible within your network.
Andrew DavisManagerCommented:
Need a bit more information as i am a little confused as to what you are trying to do.

Are you talking about something like you host your own web (or whatever) service internally so the public facing DNS points to your exteernal interface so users external to your netowrk can access the service, and you want internal users to also see the website? if this is the case it is a DNS issue and not a firewall issue.

Can you explain what it is you are trying to acheive.

kaare_tAuthor Commented:
Thanks guys! I will do a little research on both and come back with my solution. I think both suggestions (DNS & Hairpinning) will work fine.
kaare_tAuthor Commented:
Hairpin was what I was looking for!
How did you set this up? We are looking for the same thing and are having a few problems.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.