Allow Inside Hosts Access to a DMZ without Translation

Unanswered Question
Jun 27th, 2007


Could you pls mail what exactly the below command will do ?

1) static (inside,dmz)

2) static (dmz,inside)

Pls mail me documentaion reference with multiple DMZ(1-4) configuration in PIX with translation and without address translation.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Thu, 06/28/2007 - 08:43

you don't need 2), assuming is the host on the inside interface that needs access to the dmz.

You could also use nat zero to accomplish this:

nat (inside) 0 natzero_acl

access-list natzero_acl permit ip host host dmz_host_ip

gappavoo1 Thu, 06/28/2007 - 09:21


Thanks for your reply !

Pls clarify me, assuming a host in DMZ interface that needs to access inside the below commands is correct ?

static (dmz,inside)


acomiskey Thu, 06/28/2007 - 09:37

No you would not need that.

For and to communicate between the inside and dmz, all you need is...

static (dmz,inside)


This Discussion