So I've recently isolated my guests to VLAN2 on my ASA 5520. The DHCP addresses are being handed out and everything works great. I'm running into an issue, though, with 2 internally hosted servers that I want guests to still use: my web server and OWA for email sync. The problem is that when a user hits www.myserver.com or owa.myserver.com, it uses the public IP x.x.x.x (since they are using external DNS and there is no internal DNS for this guest subnet). That traffic doesn't flow out to the public and back in, since the VLAN is already behind the public address block. On my main subnet it is fine, since I have a DNS server and just use a host A record to redirect, but I don't want to use an internal DNS server for this traffic.
I'm sure it is just a route or NAT issue, but here is what I need.
User on VLAN2 int1.1 IP 192.168.168.11 > hits public IP x.x.x.x > routes to int1 192.168.0.206
Normally I don't want the VLAN2 subnet 192.168.168.0 to see 192.168.0.0 at all, but I need it to see 2 servers for these services.