Problem DMZ to Inside and Inside to DMZ

Unanswered Question
Mar 5th, 2008
User Badges:

Dear Expert,


Now i have problem, i use ASA 5510 and i have interface inside,outside and DMZ and i would like DMZ can access into inside and Inside can access into DMZ, and the both can access outside(Internet).now it have problem it cannot access ..

Please see configuration in the attach file.


Best Regards,




Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 03/05/2008 - 23:40
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Rechard


Please see Wan Routing & Switching forum where i have posted an answer.


Jon

wasiimcisco Thu, 03/06/2008 - 01:29
User Badges:

Kindly add the following commands and clear xlate and clear conn


static (inside,dmz) 192.168.3.0 192.168.3.0 netmask 255.255.255.0


access-list dmz extended permit ip 192.168.4.0 255.255.255.0 192.168.3.0 255.255.255.0


global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

nat (dmz) 1 0.0.0.0 0.0.0.0




firewall is statuful, traffic from dmz to inside will allow by above mention static command and access-list on dmz interface and vice versa





you also removed this You internet will work. No need of this command.


static (dmz,inside) 192.168.3.0 192.168.4.0 netmask 255.255.255.0

global (dmz) 1 interface.



Thanks

Actions

This Discussion