03-30-2008 01:20 PM - edited 03-11-2019 05:24 AM
Hi, If me make an access rule to access the Inside machines from DMZ machine and use IP protocol and after checking all machines of DMZ and Inside zone are being communicate with each other but issue is coming in IIS Application which is configured in DMZ zone and the DB machine configured in Inside zone and other hand if put DB machine in same DMZ zone then app works fine. Is it any conf issue or somwthing wrong which is doing blocked the data between DB and App machine. TYhanks.
03-30-2008 01:41 PM
What does ASA logs indicates when you have DB in inside, you should be able to see something in the logs when IIS tries to right to DB inside. One would assume that by allowing IP all is allowed, well thats not the case. You may need to explicitly allow SQL TCP port 1433 from DMZ to inside where DB is located, have you try that?
-Jorge
03-30-2008 01:46 PM
Yes, I have tried Telnet command to access 1433 port from DMZ machines to Inside DB machine and it is being access. Thanks.
03-30-2008 04:33 PM
Ok, so telnet proves tcp 1433 is good from IIS to SQL DB inside, but you still not telling us what exactly is the problem on the IIS server, what errors messages are being generated on the IIS and/or DB, are you NATing between DMZ and sql DB? any error messagess you can provide will help in undertanding the problem.
03-30-2008 05:59 PM
Well, we are not recieving any error, when we try to access the application from outside interface it shows blank page and after putting DB into DMZ Zone app works fine from outside network. Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide