Cisco ASA5505 - DMZ Connection

Unanswered Question
Jun 13th, 2012

My first time programming a Cisco ASA - Have to get my feet wet sometime right?

Anyways I''m trying to setup up Ethernet 0/6 to be a DMZ Connection

When I add port 0/6 to DMZ it gives me an error saying "The IP Address X.X.X.X /Subnet Mask cannot overlap the subnet of interface outside"

So my question is I have an outside connection already configured - How can I make a DMZ connection with the same subnet mask with a different IP?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Mitchell Dyer Wed, 06/13/2012 - 19:24

Hello Kevin,

You will need to setup the DMZ interface in a different subnet using an address range from RFC1918 (,, and then NAT traffic from the 'dmz' to the 'outside'. You will also need to modify the access-lists accordingly.

Please post your config and I'd be happy to get you pointed in the right direction, also -- please indicate whether you are using a base or security plus license and what software version you are running (both items can be found by issuing "show version").



This Discussion