Network users need to access the network server in the domain name, the general business environment is not accessible, you need to go through the following configuration, the principle is not to say, just say the configuration.
nat (inside,inside) source dynamic inside-net interface destination static outside-ip web-ip service outside-port web-real-port
(Inside, insdie): If the user and the server in the same interfaces, two interfaces can fill the same, according to the actual. If it is completed in accordance with different interfaces on different interfaces.
NET-Inside : internal network segments need to access the server, you need to define the object
interface : Inside Interface
ip-Outside : Foreign mapped address of internal server, you need to define the object
ip-Web : internal server address, you need to define the object
outside-port: External ports internal server, such as: www, https, you need to define object
web-real-port: real port internal servers, such as nginx port, you need to define the object
举例:nat (DMZ,DMZ) source dynamic nat interface destination static wan_202.105.182.22 60_new service www 8661
In fact, the nat visit www wan_202.105.182.22 the port, access to 60_new converted to a 8661 port dmz mouth.
If it is the same interface, you need to add the following command to allow traffic in and out from the same interface.
same-security-traffic permit intra-interface