Routing an inside request back to an inside IP on a Pix501

[dbdataplus]

I have a simple inside network with one server (mail and web) and I get by without having to administer a DNS server. I'm happy letting AT&T's network servers do that.

But it creates one problem. Our server, known to the outside as (

http://www|mail).whatever.com

(x.x.x.x) is known INSIDE as 192.168.0.10 so people inside the network have to an entry in their windows HOSTS file to read 192.168.0.10 whatever.com

Again this is no problem, except for the one guy who works inside and outside. When he's outside, his email has to resolve the name to x.x.x.x but when he's in the office, it has to resolve to 192.168.0.10

This could all be eliminated if I knew how to tell the Pix 501 that it's OK to process a request from an inside interface back to the inside interface (through translation)if that's the logic of it.

A request from the OUTSIDE going to x.x.x.x goes to the Pix, is translated & processed & routed with no problem, so why can't a request from the INSIDE ... to that same OUTSIDE IP be treated the same way?

Or ... very possibly ... like most things Cisco .. it's possible IF you know the secret handshake, the magic word and speak the insideoutsideshunfixupviplix langauge?

 

[brianinms]

The command you need is


alias (inside) 192.168.0.10 y.y.y.y 255.255.255.255


y.y.y.y = the A record your mail server resolves to