Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Green

Access DMZ server from inside with public and private ip

I would like to access a dmz server with both public and private ip's from the inside. I can access private with

static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.255

and I can access by public with destination NAT

static (dmz,inside) 64.1.1.1 172.16.1.1 netmask 255.255.255.255

but I can't put them in at the same time or I get "no translation group found" when trying private ip. Any advice, I guess this isn't possible? ASA 7.2.1

6 REPLIES
Bronze

Re: Access DMZ server from inside with public and private ip

Hi,

Can you post the ip addresses on each interface? what do you mean by public IP? ip on the outside or ip on the dmz?

Regards,

Green

Re: Access DMZ server from inside with public and private ip

Public meaning it's external address, 64.x.x.x. You can see the subnets by looking at the statics I posted but

inside - 192.168.1.x

dmz - 172.16.x.x

outside - 64.x.x.x

Dmz server private ip is 172.16.1.1.

Dmz server public ip is 64.1.1.1.

From inside I want to access dmz server by http://172.16.1.1 AND http://64.1.1.1.

Green

Re: Access DMZ server from inside with public and private ip

anybody?

New Member

Re: Access DMZ server from inside with public and private ip

Look at this...static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.255.

I hope 192.168.1.0 isn't a network address or maybe you mean netmask 255.255.255.0.

Green

Re: Access DMZ server from inside with public and private ip

That statement is correct and is very common. It allows the subnet 192.168.1.0 to communicate with the dmz.

Green

Re: Access DMZ server from inside with public and private ip

Anyone else?

172
Views
0
Helpful
6
Replies