Firewall, allow inside to access outside interface

Posted on 2012-09-16
Medium Priority
Last Modified: 2013-06-07
Dear all,

I have a firewall with several public IP's for different services. One service should be accessible from the inside but I haven't found any way to solve this on my inside network so I must route my inside hosts to the specific public IP address.

I'm pretty sure it's just a security policy, and maybe I must edit the NAT list but I'm not exactly sure.

I have a Palo Alto firewall, but I guess any suggestions will work since this is a more "generic" question...
Question by:kaare_t
LVL 19

Expert Comment

by:Andrew Davis
ID: 38404427
Need a bit more information as i am a little confused as to what you are trying to do.

Are you talking about something like you host your own web (or whatever) service internally so the public facing DNS points to your exteernal interface so users external to your netowrk can access the service, and you want internal users to also see the website? if this is the case it is a DNS issue and not a firewall issue.

Can you explain what it is you are trying to acheive.

LVL 26

Accepted Solution

arober11 earned 2000 total points
ID: 38404473
Sound like your after a hairpin NAT rule; have no experience of Palo Alto Firewalls so can't comment as to whether they are supported, or how you would configure a rule.

If you can't define a rule it may be worth considering adding a few local DNS entries for your public services,, to make them accessible within your network.

Author Comment

ID: 38404602
Thanks guys! I will do a little research on both and come back with my solution. I think both suggestions (DNS & Hairpinning) will work fine.

Author Closing Comment

ID: 38410896
Hairpin was what I was looking for!

Expert Comment

ID: 39228288
How did you set this up? We are looking for the same thing and are having a few problems.

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question