Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
248
Views
0
Helpful
2
Replies

NAT and Static Statements

sameoj1881
Level 1
Level 1

‎09-12-2008 06:00 PM - edited ‎03-11-2019 06:43 AM

I have an ASA 5500 that sits behind the internet router. On this ASA, I have the inside hosts that connects tto the internet via a proxy server. The proxy server is located in the dmz, where I have my ISA,Web client and exchange servers(all in dmz), everybody connects to the internet via the proxy server located in the dmz.

Also I want my remote users to have access to the dmz.

Can someone please give me a step by step config guide on how to do this.

inside hosts---->ASA----->internet router

|

|

|

dmz

A config guide with the scenario that has a step by step guide will be deeply appreciated.

Attached is what have been able to come up with, please correct me where necessary.

Thanks.

Labels:
Preview file
3 KB
0 Helpful
2 Replies 2

ajay chauhan
Level 7
Level 7

‎09-13-2008 01:03 AM

In this case your poxy server ip is natted with public IP which Is allowed to communicate to internet .

If you want external users to access your DMZ server you must nat that server IP via using static nat command and allow access rules on outside interface .

Hope this help.

Ajay

0 Helpful

binhkdinh
Level 1
Level 1

‎09-16-2008 05:53 PM

By reading your text file, I think you're on right track. However, in step 7, you should have "access-group 110 in interface dmz" instead of "access-group 110 out interface outside"

HTH,

-B

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card