Cisco ASA5505 - DMZ Connection

Unanswered Question
Jun 13th, 2012

My first time programming a Cisco ASA - Have to get my feet wet sometime right?

Anyways I''m trying to setup up Ethernet 0/6 to be a DMZ Connection

When I add port 0/6 to DMZ it gives me an error saying "The IP Address X.X.X.X /Subnet Mask cannot overlap the subnet of interface outside"

So my question is I have an outside connection already configured - How can I make a DMZ connection with the same subnet mask with a different IP?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Mitchell Dyer Wed, 06/13/2012 - 19:24

Hello Kevin,

You will need to setup the DMZ interface in a different subnet using an address range from RFC1918 (192.168.0.0-192.168.255.255, 172.16.0.0-172.172.31.255.255, 10.0.0.0-10.255.255.255) and then NAT traffic from the 'dmz' to the 'outside'. You will also need to modify the access-lists accordingly.

Please post your config and I'd be happy to get you pointed in the right direction, also -- please indicate whether you are using a base or security plus license and what software version you are running (both items can be found by issuing "show version").

-Mitch

Actions

Login or Register to take actions

This Discussion

Posted June 13, 2012 at 6:12 PM
Stats:
Replies:1 Avg. Rating:
Views:165 Votes:0
Shares:0
Tags: No tags.
Categories: Switches
+

Discussions Leaderboard

Rank Username Points
1 15,012
2 8,155
3 7,745
4 7,088
5 6,752
Rank Username Points
115
89
88
74
38