06-27-2007 07:06 PM - edited 03-11-2019 03:36 AM
Hi,
Could you pls mail what exactly the below command will do ?
1) static (inside,dmz) 10.1.6.100 10.1.6.100
2) static (dmz,inside) 10.1.6.100 10.1.6.100
Pls mail me documentaion reference with multiple DMZ(1-4) configuration in PIX with translation and without address translation.
-Ganesh
06-28-2007 08:43 AM
you don't need 2), assuming 10.1.6.100 is the host on the inside interface that needs access to the dmz.
You could also use nat zero to accomplish this:
nat (inside) 0 natzero_acl
access-list natzero_acl permit ip host 10.1.6.100 host dmz_host_ip
06-28-2007 09:21 AM
Hi,
Thanks for your reply !
Pls clarify me, assuming a host 10.2.7.200 in DMZ interface that needs to access inside the below commands is correct ?
static (dmz,inside) 10.2.7.200 10.2.7.200
-Ganesh
06-28-2007 09:37 AM
No you would not need that.
For 10.2.7.200 and 10.1.6.100 to communicate between the inside and dmz, all you need is...
static (dmz,inside) 10.1.6.100 10.1.6.100
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: