cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
534
Views
0
Helpful
6
Replies

Access DMZ server from inside with public and private ip

acomiskey
Level 10
Level 10

I would like to access a dmz server with both public and private ip's from the inside. I can access private with

static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.255

and I can access by public with destination NAT

static (dmz,inside) 64.1.1.1 172.16.1.1 netmask 255.255.255.255

but I can't put them in at the same time or I get "no translation group found" when trying private ip. Any advice, I guess this isn't possible? ASA 7.2.1

6 Replies 6

oabduo983
Level 1
Level 1

Hi,

Can you post the ip addresses on each interface? what do you mean by public IP? ip on the outside or ip on the dmz?

Regards,

Public meaning it's external address, 64.x.x.x. You can see the subnets by looking at the statics I posted but

inside - 192.168.1.x

dmz - 172.16.x.x

outside - 64.x.x.x

Dmz server private ip is 172.16.1.1.

Dmz server public ip is 64.1.1.1.

From inside I want to access dmz server by http://172.16.1.1 AND http://64.1.1.1.

anybody?

Wizzle
Level 1
Level 1

Look at this...static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.255.

I hope 192.168.1.0 isn't a network address or maybe you mean netmask 255.255.255.0.

That statement is correct and is very common. It allows the subnet 192.168.1.0 to communicate with the dmz.

Anyone else?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: