ASA "Hairpin" issue

From: Ye Tian <emaomi_at_gmail.com>
Date: Mon, 28 Feb 2011 14:34:21 -0800

Hello Group,

We have a guest subnet 192.168.1.0/24 located inside of the ASA. This subnet is
only allowed to access the Internet, which will PAT on the ASA outside
interface 1.1.1.1 (public IP). We have a Citrix farm for public access,
which is using 1-to-1 NAT on the ASA (static (webdmz, outside)
1.1.1.2 10.10.32.25 netmask 255.255.255.255) with an HTTPS-only ACL.

The 192.168.1.0/24 subnet cannot access 10.10.32.25. We were told the only way to
make it work is to change the public IP of the 1-to-1 NAT to a different subnet.

Could somebody help me to understand it?

Thanks a lot!

Received on Mon Feb 28 2011 - 14:34:21 ART
