Basic 5510 - Need Help.

Unanswered Question
Aug 14th, 2008
User Badges:


I have ASA 5510 and would like to seek help in configuring basics..

Allowing traffic from inside to outside

Allowing traffic from outside to inside

allowing traffic from DMZ to outside

Allowing traffic from DMZ to inside

Allowing traffic from inside to DMZ

---------Config ---------------

ASA Version 7.0(7)


hostname ASA-Q8

domain-name Q8.COM

enable password xxx




interface GigabitEthernet0/0

nameif Outside

security-level 0

ip address


interface GigabitEthernet0/1

nameif INSIDE

security-level 100

ip address


interface GigabitEthernet0/2

nameif DMZ

security-level 50

ip address

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
husycisco Thu, 08/14/2008 - 15:28
User Badges:
  • Gold, 750 points or more

Hello Amin

For a more stable suggestion, I should see your entire config (or at least nat and static statements).

But something like the following should work for you

global (outside) 1 interface

nat (DMZ) 1 0 0

access-list dmz_access_in permit ip alloweddmzips alloweddmznetmask insidehostornetwork insidehostornetworknetmask

access-group dmz_access_in in interface DMZ

if you want to nat DMZ traffic to inside interface when traffic wants to reach inside, use the following

global (inside) 1 interface

If you dont want to have NAT between DMZ and inside, use the following

static (inside,dmz) netmask



This Discussion