We have a Cisco ASA 5506-X (running ASA 9.5(1)) and a /28 public network.
The first available address in the public network is assigned to the outside interface of the ASA and has NAT/PAT to several servers on the inside network. The rest of the addresses are NAT'ed to servers on the inside and DMZ networks.
I would like to be able to use the outside interface address from the DMZ to access all the PAT'ed services on the inside network. And since the outside interface address uses PAT I'm not allowed to use DNS doctoring.
The main reason is that our mail server is located on the inside network, and we are using the outside interface address as our main address (and public mail server address). Incoming SMTP connections are PAT'ed to our spam-filter, while client access (and webmail) is PAT'ed directly to the mail-server.
0 Answers