How to reach hosts with public addresses in DMZ from outside

Unanswered Question
Jun 12th, 2008
User Badges:

We are going to replace an old Linux based firewall with a Cisco ASA 5505. On the outside interface we have a 255.255.255.252 subnet (1 available address) and we have a DMZ zone with a 255.255.255.240 subnet (with official IP addresses) Usually we translate public addresses on the outside interface to private adresses in DMZ with the static command but in this case there are no address translation from outside to the DMZ. We want to do the same thing with the new firewall. Between the outside interface and the inside interface we will be using NAT/PAT. This solution work's fine with the old firewall but how can we do the same with Cisco ASA 5505? (With static or NAT exemption or something else) The person who installed the old solution can't be found.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 06/12/2008 - 02:21
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Easiest thing to do is just a static translation ie.


static (DMZ,outside) 195.167.10.0 195.167.10.0 netmask 255.255.255.240


Jon

Actions

This Discussion