Route from DMZ to network connected to INSIDE

Unanswered Question
Apr 13th, 2007
User Badges:

I need to set up my PIX to route from my DMZ ( to a network ( that is connected to a switch on the inside network ( via a router. The switch ( the inside network has a static route to the network, and is the default gateway for the PCs on the inside network. The PIX is then the default gateway for the switch. The PCs on the inside network are able to access the network and vice versa. I want to set it up so that the network can access the servers in the DMZ and the DMZ servers can access servers on that network as well (with the correct access lists).

My question is, to set up to allow the network to access my DMZ servers, will I need a static NAT statement such as:

static (inside,DMZ) netmask,

and when entering the route for that network would I use the command:

route inside 1


route DMZ 1.

Also, is there anything else that I am forgetting (assuming the correct access lists are in place)?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Fri, 04/13/2007 - 10:24
User Badges:
  • Green, 3000 points or more

Yes, you will need the static and the correct routing statement is route inside. Other than the acl into the DMZ interface that should do it.


This Discussion