Not able to pass traffic between DMZ and inside interface.

Oct 23rd, 2008

I'm trying to allow all inside access to the DMZ and the internet.

DMZ has web server and Email.

Followed a document from Cisco...

I've attached a config.

Can browse internet from both DMZ and Inside networks.

I will rate high for any assistance.

Brent Rockburn Thu, 10/23/2008 - 12:28

I think you might need an ACL attached to your DMZ interface stating that you'll allow traffic from the DMZ inside.

suschoud Thu, 10/23/2008 - 15:18

Please add:

static (inside,dmz) 192.168.0.0 192.168.0.0 netmask 255.255.255.0

Regards,

Sushil

risenshine4th Mon, 10/27/2008 - 13:06

I'm still missing something. I added both the static and have tried access rules without success. Any other suggestions?

Brent Rockburn Thu, 10/30/2008 - 08:10

I don't think there needs to be any NATing taking place on the inside of your firewall.

Are you getting any hits on the ACL you put allowing traffic from your DMZ to the inside?

access-list dmz_in permit ip 192.168.154.0 255.255.255.0 192.168.1.0 255.255.255.0

access-group dmz_in in interface dmz

Is it something like this you have, and do you see hits against it?
