ASA 5510 DMZ to Inside

I set up a server in a DMZ with a public address given by my ISP, 12.x.x.1. I need to access LDAP internally, on 192.168.x.1. I am not sure of the proper procedure so that 12.x.x.1 can query LDAP on 192.168.x.1.

The DMZ, Eth0/1.1, is a sub-interface of the inside, Eth0/1, the outside being Eth0/0.

I am able to access the server 12.x.x.1 via port 80, as I have this in my “Access Rule”:

"access-list OutsideIn extended permit tcp any host 12.x.x.1 eq http"

I am unclear how to get 12.x.x.1 to access 192.168.x.1 so it can do an LDAP query.

Thank you for any help.


Re: ASA 5510 DMZ to Inside

Hello,

If you can already access that same server on port 80, it sounds like all your NAT rules are set up correctly. It sounds like you'll just need to add another access rule for TCP/389 for LDAP. Give this a try:

access-list OutsideIn extended permit tcp any host 12.x.x.1 eq 389

Hope that helps.

-Mike
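
Traffic that the DMZ server initiates toward the inside network is evaluated by the access list applied inbound on the DMZ interface. A sketch of that rule set for the flow in the question, added here as an example and not part of the original thread; the interface name `dmz`, the ACL name `DMZ_IN` and the /24 inside mask are assumptions, and any NAT or NAT exemption the ASA software version needs between the two interfaces is not shown:

```cisco
! Assumed names: "dmz" is the nameif of Ethernet0/1.1, DMZ_IN is a new ACL.
! 12.x.x.1 and 192.168.x.1 are the masked addresses from the question;
! substitute the real values before use.

! Allow only the DMZ server to reach only the LDAP server, only on TCP/389
access-list DMZ_IN extended permit tcp host 12.x.x.1 host 192.168.x.1 eq 389

! Deny everything else from the DMZ toward the inside network (mask assumed /24)
access-list DMZ_IN extended deny ip any 192.168.x.0 255.255.255.0

! Keep other traffic originated by the DMZ server (for example toward the Internet) working
access-list DMZ_IN extended permit ip host 12.x.x.1 any

! Bind the ACL to traffic entering the ASA on the DMZ interface
access-group DMZ_IN in interface dmz
```

Once an ACL is bound to an interface, its implicit deny replaces the default permit toward lower-security interfaces, which is why the last permit line is present.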
