02-22-2008 09:15 AM - edited 03-11-2019 05:07 AM
I am building a connection from DMZ to inside and need to translate the real address to a hidden address so that users on DMZ LAN can access resources on inside connected LAN by the hidden address. This is the static that I built, I am not sure that it is working. Can someone double check, please.
static (inside,dmz1) 192.168.34.10 170.254.34.10 netmask 255.255.255.255
192.168.34.10 is the bogus address and 170.254.34.10 is the address for the server on inside interface.
02-22-2008 12:22 PM
Your static is correct , say for sake of example you permit RDP tcp traffic to 192.168.34.10 from DMZ host whose ip is 192.168.34.200.
e.g
static (inside,DMZ1) 192.168.34.10 170.254.34.10 netmask 255.255.255.255
access-list DMZ1_access_in permit tcp host 192.168.34.200 host 192.168.34.10 eq 3389
access-group DMZ1_access_in interface DMZ1
Rgds
Jorge
02-23-2008 04:30 AM
Thank you for your reply. This is working now.
02-22-2008 03:05 PM
static (inside,dmz1) 192.168.34.10 170.254.34.10, well make sure 192.168.34.10 is the free ip from the pool on DMZ
also add access-l
and try to ping and see what you get in debug icmp trace ?
02-22-2008 03:38 PM
My above reply has been tested in a working LAB environment and fully functional using original poster IP scheme, please wait until original poster replies with results before moving into debuging processies etc..
Jorge
02-23-2008 04:33 AM
Thanks a lot for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide