
DMZ Port Forwarding & DNS

stevenhuey
Level 1

I have an ASA5505 with 3 interfaces configured: inside, outside, and DMZ. I want the DMZ to be able to access the internet through the outside interface, but not have any access to the inside interface. I've got a device on the DMZ network that needs to have ports 1008, 1009, 1018, and 2000 open for outside access, and the same device also needs internet access.

My config is at: http://stevenhuey.net/cisco/config.txt

I think I have the NAT and ACLs correct for opening the ports; however, DNS queries from the DMZ are blocked and aren't working.

Any suggestions?

1 Reply

Try disabling inspect dns.

policy-map global_policy
 class inspection_default
  no inspect dns
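
The policy described in the question (DMZ hosts reach the internet, including DNS, but never the inside network), written as an interface ACL with checks to confirm it. This is an added example, not taken from the poster's config or from the reply; the subnets, host addresses and ACL name are constructed, and the interface name `dmz` is an assumed nameif.

```cisco
! Assumed addressing (constructed for illustration):
!   inside network 192.168.1.0/24, DMZ network 192.168.2.0/24
!   192.0.2.53 stands in for an external DNS resolver

! 1. Deny DMZ -> inside first, so no later permit can override it
access-list dmz_access_in extended deny ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0

! 2. Explicitly permit DNS toward the internet (UDP, plus TCP for large answers)
access-list dmz_access_in extended permit udp 192.168.2.0 255.255.255.0 any eq domain
access-list dmz_access_in extended permit tcp 192.168.2.0 255.255.255.0 any eq domain

! 3. Permit the remaining outbound traffic from the DMZ
access-list dmz_access_in extended permit ip 192.168.2.0 255.255.255.0 any

! Bind the ACL to traffic entering the DMZ interface
access-group dmz_access_in in interface dmz

! Verification: simulate a DNS query from a DMZ host (expected result: allow)
packet-tracer input dmz udp 192.168.2.10 1025 192.0.2.53 53

! Verification: simulate DMZ -> inside traffic (expected result: drop by ACL)
packet-tracer input dmz tcp 192.168.2.10 1025 192.168.1.10 80

! Hit counters show which entry is matching live traffic
show access-list dmz_access_in
```

The packet-tracer output names the phase that drops a packet (ACL, NAT or inspection), which shows whether DNS inspection is involved before it is disabled globally.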
