Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
279
Views
0
Helpful
2
Replies

Cannot access Internet from DMZ server

jonl711
Level 1
Level 1

‎04-02-2009 06:37 AM - edited ‎03-11-2019 08:13 AM

I have a mail server that is in the DMZ which is behind the Cisco 2621 router. I cannot get it to ping past the internal interface. There is a ip nat statement:

ip nat inside source list 10 interface Dialer1 overload

But this is not helping, the Dialer1 interface has "ip nat outside" in it's configuration. What else do I need to get this server to access the outside?

I've included the config file for the router.

Thanks

Labels:
Preview file
6 KB
0 Helpful
2 Replies 2

John Blakley
VIP Alumni
VIP Alumni

‎04-02-2009 07:43 AM

What is the mail server ip address? If it's on the 192.168.6 or .7 subnet, you'll need to add "ip nat inside" on interface fa0/1. Then you'll need to add the 192.168.6.0 and 192.168.7.0 subnets to your access-list 10 that you're using to nat with.

HTH,

John

HTH, John *** Please rate all useful posts ***
0 Helpful

jonl711
Level 1
Level 1
In response to John Blakley

‎04-03-2009 04:03 AM

The mail server is on 203.153.242.19 and 192.168.3.3, but the issue was having the 2 "ip nat inside" statements I took them out and all is good so far.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card