06-16-2009 05:15 AM - edited 03-11-2019 08:43 AM
I am trying to set up a DMZ to talk to my internal network and the internal network to talk to the DMZ.
Any ideas?
06-16-2009 06:20 AM
Create the translation-
static (inside,intf2) 1.30.30.0 1.30.30.0 netmask 255.255.255.0
Then add an ACL to restrict traffic-
access-list dmz_access_out permit udp any host yyy.yyy.yyy.9 eq 53
Then apply to the interface-
access-group dmz_access_out in interface intf2
Hope that helps
06-16-2009 06:49 AM
Thanks for the reply, Chris.
I need to allow all traffic to the internal network from the DMZ and all traffic from the DMZ to the internal network.
06-16-2009 07:09 AM
access-list dmz_acl permit ip 172.30.30.0 255.255.255.0 1.30.30.0 255.0.0.0
access-group dmz_acl in interface intf2
inside has default permit any so you're OK there.
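Added example, not part of the original thread or any poster's code: a small Python model of how the two ACLs posted above are evaluated (first match wins, then the implicit deny), which also shows the destination range that `1.30.30.0 255.0.0.0` actually covers. It assumes subnet-mask ACL syntax as used in the thread, and 192.0.2.9 is a constructed stand-in for the masked yyy.yyy.yyy.9.

```python
import ipaddress

# ACL entries as posted in the thread. yyy.yyy.yyy.9 is masked on the page,
# so 192.0.2.9 (documentation range) stands in for it: an assumption.
ACLS = {
    "dmz_access_out": ["permit udp any host 192.0.2.9 eq 53"],
    "dmz_acl": ["permit ip 172.30.30.0 255.255.255.0 1.30.30.0 255.0.0.0"],
}

def _addr(tokens):
    """Consume one address spec: 'any', 'host A', or 'NET MASK'."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    # strict=False drops host bits, the same result as address AND netmask
    net = ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}", strict=False)
    return net, tokens[2:]

def parse(entry):
    action, proto, *rest = entry.split()
    src, rest = _addr(rest)
    dst, rest = _addr(rest)
    port = int(rest[1]) if rest[:1] == ["eq"] else None
    return action, proto, src, dst, port

def evaluate(acl_name, proto, src, dst, dport=None):
    """Return the action of the first matching entry, else the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for entry in ACLS[acl_name]:
        action, e_proto, e_src, e_dst, e_port = parse(entry)
        if e_proto not in ("ip", proto):
            continue
        if s in e_src and d in e_dst and e_port in (None, dport):
            return action
    return "deny (implicit)"

def destination_scope(acl_name):
    """Effective destination networks of each entry in the ACL."""
    return [str(parse(e)[3]) for e in ACLS[acl_name]]

if __name__ == "__main__":
    # Constructed sample flows from a DMZ host (172.30.30.10)
    print(evaluate("dmz_access_out", "udp", "172.30.30.10", "192.0.2.9", 53))
    print(evaluate("dmz_access_out", "tcp", "172.30.30.10", "1.30.30.5", 445))
    print(evaluate("dmz_acl", "tcp", "172.30.30.10", "1.200.1.1", 22))
    print(destination_scope("dmz_acl"))
```

The DNS-only ACL drops everything else from the DMZ through the implicit deny, while the `dmz_acl` entry with a 255.0.0.0 destination mask matches all of 1.0.0.0/8, not only the 1.30.30.0/24 network used in the static translation.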