Hello again, either I'm stupid, or these firewalls just don't make sense.
There is a web server on the internal network, which can be perfectly accessed from outside because of the static NAT rule. But when trying to reach it from the inside, it can't be accessed. I've tried to remove the implicit rule, that stops the traffic from the inside network to reach the outside interface, but I can't remove it. What should I do, please help. No IP traffic is allowed from inside network to reach outside interface and from there to NAT again to inside web server. People in the office just can't write internal IP addresses in the web browser address bar, and the DNS points to the outside interface IP address.
Extart already gave you a solution for your problem.
Here's a link related to DNS rewrite.http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968d1.shtml#problem
It's not a DNS issue, cause no IP traffic is allowed from inside network from inside to access inside via outside NAT. The scenario is the following:
Inside host sends packet to outside interface, which is NAT-ed back to the inside host.
I've added the rule that permits inside network to the outside interface, but still no luck.
access-list inside_access_in extended permit tcp 192.168.1.0 255.255.255.0 host 220.127.116.11 eq www
when I "packet trace" through the ASDM it says packet drop by the implicit rule (the highlighted one on the picture below)
I have no idea why would that be.