Problem DMZ to Inside and Inside to DMZ

rechard_david · ‎03-05-2008

Dear All,

Please help me, i would like to configure ASA 5510.and i had DMZ , i want DMZ can access to inside and Inside can access to DMZ, but now it doesn't work.

Pleas see configuration in the attach file.

Best Regards,

Rechard,

Jon Marshall · ‎03-05-2008

Hi Rechard

Not sure what the static statements are doing

static (inside,dmz) 192.168.4.0 192.168.3.0 netmask 255.255.255.0

static (dmz,inside) 192.168.3.0 192.168.4.0 netmask 255.255.255.0

You only need a static for traffic from a lower to a higher level interface. Can you remove the above 2 statements, do a "clear xlate" and then add

static (inside,dmz) 192.168.3.0 192.168.3.0 netmask 255.255.255.0

and then retry.

HTH

Jon

rechard_david · ‎03-06-2008

Dear Jon,

it still has the problem ,

Please see in the attach file.

Best Regards,

Rechard,

dongdongliu · ‎03-06-2008

hi,Rechard

please change ip address block of DMZ from 192.168.3.0 to 192.168.4.0

static (inside,dmz) 192.168.4.0 192.168.3.0 netmask 255.255.255.0

regards

dongdong