Cisco ASA Hairpinning技术解决内网通过公网IP访问内网服务器问
用户 需求: ASA 目前使用 inside 、 outside 两个接口,无 DMZ 区域,目前 服务器 地址 192.168.1.244 通信端口 8080 ;本地测试客户端的 ip 地址是 192.168.1.100 ; 通过 静态的 NAT 后 ip 是 218.17.199.108 ,外网映射端口是 56123 。做完常规的 STAICN
用户需求:
ASA目前使用inside、 outside 两个接口,无DMZ区域,目前服务器地址192.168.1.244 通信端口8080;本地测试客户端的ip地址是192.168.1.100;通过静态的NAT后ip是218.17.199.108,外网映射端口是56123。做完常规的STAIC NAT后,测试情况如下:
公网测试:http://218.17.199.108:56123/Gwall_osa是成功的
本地测试:http://218.17.199.108:56123/Gwall_osa不成功
目的就是要解决本地测试http://218.17.199.108:56123/Gwall_osa,能正常访问,数据能交互。ASA 防火墙使用Hairpinning技术来解决内网PC通过公网IP来访问内网的服务器的问题。如下拓扑:
IOS 8.3以前版本的 Hairpinning技术相关配置如下:
1、same-security-traffic permit intra-interface //允许同一接口发起进出口流量
2、nat (inside) 1 0.0.0.0 0.0.0.0
3、global (outside) 1 interface//源NAT允许所有上网
4、global (inside) 1 interface
// 为内网用户使用Hairpinning访问内部服务器定义global地址。
5、static (inside,outside) 218.17.199.108 192.168.1.244 netmask 255.255.255.255
//使用Static NAT映身一台服务器,公网IP218.17.199.108 -->IP 192.168.1.244。
6、static (inside,inside) 218.17.199.108 192.168.1.244 netmask255.255.255.255
//为Hairpinning流量返回路径定义NAT映射:218.17.199.108 ―->192.168.1.244
7、access-list outside_access_in extended permit tcp any host218.17.199.108 eq 56123
放行流量,应用在outside的口。
IOS 8.3以后版本的 Hairpinning技术相关配置如下:
same-security-traffic permitintra-interface
//允许同一接口发起进出口流量
object network ser1
host 192.168.1.244
nat (insdie,outside) sta 218.17.199.108 sertcp 56123 8080
//保证公网能通过映射访问内部服务器
object network my-test1
subnet 10.1.0.0 255.255.255.0
nat(inside,inside) dynamic interface
object network my-test1
subnet 10.2.0.0 255.255.255.0
nat(inside,inside) dynamic interface
object network my-test3
subnet192.168.1.0 255.255.255.0
nat(inside,inside) dynamic interface
object network test
host192.168.1.244 (服务器IP)
nat(inside,inside) static 218.17.199.108 service tcp 8080 56123
放行ACL流量
access-list outside_access_in extendedpermit tcp any host 218.17.199.108 eq 56123
access-group outside_access_in in inoutside
yeexw” 博客,转载请与作者联系!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
Solution to the problem that Win11 system cannot install Chinese language pack
Mar 09, 2024 am 09:48 AM
Solution to the problem that Win11 system cannot install Chinese language pack With the launch of Windows 11 system, many users began to upgrade their operating system to experience new functions and interfaces. However, some users found that they were unable to install the Chinese language pack after upgrading, which troubled their experience. In this article, we will discuss the reasons why Win11 system cannot install the Chinese language pack and provide some solutions to help users solve this problem. Cause Analysis First, let us analyze the inability of Win11 system to
Five tips to teach you how to solve the problem of Black Shark phone not turning on!
Mar 24, 2024 pm 12:27 PM
As smartphone technology continues to develop, mobile phones play an increasingly important role in our daily lives. As a flagship phone focusing on gaming performance, the Black Shark phone is highly favored by players. However, sometimes we also face the situation that the Black Shark phone cannot be turned on. At this time, we need to take some measures to solve this problem. Next, let us share five tips to teach you how to solve the problem of Black Shark phone not turning on: Step 1: Check the battery power. First, make sure your Black Shark phone has enough power. It may be because the phone battery is exhausted
How to solve the problem of automatically saving pictures when publishing on Xiaohongshu? Where is the automatically saved image when posting?
Mar 22, 2024 am 08:06 AM
With the continuous development of social media, Xiaohongshu has become a platform for more and more young people to share their lives and discover beautiful things. Many users are troubled by auto-save issues when posting images. So, how to solve this problem? 1. How to solve the problem of automatically saving pictures when publishing on Xiaohongshu? 1. Clear the cache First, we can try to clear the cache data of Xiaohongshu. The steps are as follows: (1) Open Xiaohongshu and click the "My" button in the lower right corner; (2) On the personal center page, find "Settings" and click it; (3) Scroll down and find the "Clear Cache" option. Click OK. After clearing the cache, re-enter Xiaohongshu and try to post pictures to see if the automatic saving problem is solved. 2. Update the Xiaohongshu version to ensure that your Xiaohongshu
The driver cannot be loaded on this device. How to solve it? (Personally tested and valid)
Mar 14, 2024 pm 09:00 PM
Everyone knows that if the computer cannot load the driver, the device may not work properly or interact with the computer correctly. So how do we solve the problem when a prompt box pops up on the computer that the driver cannot be loaded on this device? The editor below will teach you two ways to easily solve the problem. Unable to load the driver on this device Solution 1. Search for "Kernel Isolation" in the Start menu. 2. Turn off Memory Integrity, and it will prompt "Memory Integrity has been turned off. Your device may be vulnerable." Click behind to ignore it, and it will not affect the use. 3. The problem can be solved after restarting the machine.
The Stable Diffusion 3 paper is finally released, and the architectural details are revealed. Will it help to reproduce Sora?
Mar 06, 2024 pm 05:34 PM
StableDiffusion3’s paper is finally here! This model was released two weeks ago and uses the same DiT (DiffusionTransformer) architecture as Sora. It caused quite a stir once it was released. Compared with the previous version, the quality of the images generated by StableDiffusion3 has been significantly improved. It now supports multi-theme prompts, and the text writing effect has also been improved, and garbled characters no longer appear. StabilityAI pointed out that StableDiffusion3 is a series of models with parameter sizes ranging from 800M to 8B. This parameter range means that the model can be run directly on many portable devices, significantly reducing the use of AI
How to solve the problem of low sound on Apple mobile phones
Mar 08, 2024 pm 01:40 PM
The problem of low sound on Apple phones may be caused by many reasons. Users can try to solve the problem by adjusting the volume settings, checking the silent mode, clearing the speakers and earpieces, restarting the phone, checking the headphone jack, etc. How to solve the problem of low sound on Apple mobile phone 1. Adjust the volume setting First, make sure the volume setting of your mobile phone is correct. You can increase the volume by pressing the volume button (usually located on the side of the phone). In addition, you can also adjust the volume in "Sounds & Haptics" or "Sounds & Haptic Feedback" in settings. 2. Check the silent mode to make sure your phone is not in silent mode. You can look for the mute switch next to the volume buttons on the side. If the mute switch is on, the sound will be turned off. 3. Clean the speakers and earpieces. Sometimes the speakers and earpieces may be covered with dust.
DualBEV: significantly surpassing BEVFormer and BEVDet4D, open the book!
Mar 21, 2024 pm 05:21 PM
This paper explores the problem of accurately detecting objects from different viewing angles (such as perspective and bird's-eye view) in autonomous driving, especially how to effectively transform features from perspective (PV) to bird's-eye view (BEV) space. Transformation is implemented via the Visual Transformation (VT) module. Existing methods are broadly divided into two strategies: 2D to 3D and 3D to 2D conversion. 2D-to-3D methods improve dense 2D features by predicting depth probabilities, but the inherent uncertainty of depth predictions, especially in distant regions, may introduce inaccuracies. While 3D to 2D methods usually use 3D queries to sample 2D features and learn the attention weights of the correspondence between 3D and 2D features through a Transformer, which increases the computational and deployment time.
How to solve the problem of garbled characters when importing Chinese data into Oracle?
Mar 10, 2024 am 09:54 AM
Title: Methods and code examples to solve the problem of garbled characters when importing Chinese data into Oracle. When importing Chinese data into Oracle database, garbled characters often appear. This may be due to incorrect database character set settings or encoding conversion problems during the import process. . In order to solve this problem, we can take some methods to ensure that the imported Chinese data can be displayed correctly. The following are some solutions and specific code examples: 1. Check the database character set settings In the Oracle database, the character set settings are
