Route Loopback Issue
Q: We just added a Cisco ASA5510 to protect our network. Every thing works except no one in the LAN can access our imail we site. The web site points to one of our public IP, x.x.x.35 (we can access the web site from outside and we just can’t do the same inside after adding the ASA). Is it possible the inside computers can access our web site using the public IP address? If not, my another option is to setup a DNS record pointing to the web site, for example 192.168.0.213 = www.chicagotech.net (our network domain name is chicagotech.local)?. I can’t figure out how to do that. Any suggestions?
A: You may have two options to fix it.
1. If you have an internal DNS, you should direct internal clients to your internal web site IP. To do that, create a new zone on your DNS server for the domain www.chicagotech.net . Add 'A' record(s) to that zone for all resources in www.chicagotech.net that internal clients will need to access. If the resource is available on the internal connection (e.g. the website), then enter the internal address -- 192.168.0.213. If the resource is on the external network, then enter the actual IP Address of the resource.
2. Alternatively, you may add the DNS option onto the end of your static commands, for example,
static (Inside,Outside) x.x.x.34 192.168.0.213 netmask 255.255.255.255 dns
static (Inside,Outside) x.x.x.35 192.168.0.112 netmask 255.255.255.255 dns
static (Inside,Outside) x.x.x.35 192.168.0.112 netmask 255.255.255.255 dns
Aucun commentaire:
Enregistrer un commentaire