Cisco ASA5505 - DMZ Connection

Unanswered Question
Jun 13th, 2012

My first time programming a Cisco ASA - Have to get my feet wet sometime right?

Anyways I''m trying to setup up Ethernet 0/6 to be a DMZ Connection

When I add port 0/6 to DMZ it gives me an error saying "The IP Address X.X.X.X /Subnet Mask cannot overlap the subnet of interface outside"

So my question is I have an outside connection already configured - How can I make a DMZ connection with the same subnet mask with a different IP?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Mitchell Dyer Wed, 06/13/2012 - 19:24

Hello Kevin,

You will need to setup the DMZ interface in a different subnet using an address range from RFC1918 (,, and then NAT traffic from the 'dmz' to the 'outside'. You will also need to modify the access-lists accordingly.

Please post your config and I'd be happy to get you pointed in the right direction, also -- please indicate whether you are using a base or security plus license and what software version you are running (both items can be found by issuing "show version").



Login or Register to take actions

This Discussion

Posted June 13, 2012 at 6:12 PM
Replies:1 Overall Rating:
Views:180 Votes:0
Tags: No tags.
Categories: Switches