Access DMZ server from inside with public and private ip

Unanswered Question
Apr 26th, 2007

I would like to access a dmz server with both public and private ip's from the inside. I can access private with

static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.255

and I can access by public with destination NAT

static (dmz,inside) 64.1.1.1 172.16.1.1 netmask 255.255.255.255

but I can't put them in at the same time or I get "no translation group found" when trying private ip. Any advice, I guess this isn't possible? ASA 7.2.1

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
oabduo983 Thu, 04/26/2007 - 11:28

Hi,

Can you post the ip addresses on each interface? what do you mean by public IP? ip on the outside or ip on the dmz?

Regards,

acomiskey Thu, 04/26/2007 - 11:35

Public meaning it's external address, 64.x.x.x. You can see the subnets by looking at the statics I posted but

inside - 192.168.1.x

dmz - 172.16.x.x

outside - 64.x.x.x

Dmz server private ip is 172.16.1.1.

Dmz server public ip is 64.1.1.1.

From inside I want to access dmz server by http://172.16.1.1 AND http://64.1.1.1.

Wizzle Fri, 04/27/2007 - 07:44

Look at this...static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.255.

I hope 192.168.1.0 isn't a network address or maybe you mean netmask 255.255.255.0.

acomiskey Fri, 04/27/2007 - 07:53

That statement is correct and is very common. It allows the subnet 192.168.1.0 to communicate with the dmz.

Actions

This Discussion