maybe you're looking for "hairpinning"?: same-security-traffic permit intra-interface global (inside) 1 interface static (inside,inside) {public address} {private address} netmask 255.255.255.255
On Fri, 2010-04-30 at 00:45 -0400, Eric Magutu wrote: > Hi, > Apologies for the cross posting. > > I have a problem with a NAT on my network. A private IP has been NATed > to a public IP on my network. The public IP can't be reached from > within my network but it can from outside. I have tried to implement > dns doctoring with no success. > This is what I have added in my config > > > static (inside,outside) 209.165.201.15 10.1.1.6 netmask 255.255.255.255 dns > > policy-map type inspect dns preset_dns_map > parameters > message-length maximum 2048 > policy-map global_policy > class inspection_default > inspect ftp > inspect h323 h225 > inspect h323 ras > inspect rsh > inspect rtsp > inspect esmtp > inspect sqlnet > inspect skinny > inspect sunrpc > inspect xdmcp > inspect sip > inspect netbios > inspect tftp > inspect http > inspect icmp > inspect dns preset_dns_map > ! > service-policy global_policy global > > > > How do I verify that the dns rewrite is actually taking place? Is > there something wrong with my config? > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/