Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

ASA 7.0

I had a post with a 6.3(4) referring to the same issue, so now Ive treid the same with an ASA.

My config:

int inside

security 100

ip add

int out

security 0

ip add

int dmz

security 20

nat (dmz) 1

global (inside) 1 interface

nat (inside) 2

global (outside) 2

ACL's on inside and dmz permit ip any any and permit icmp any any

I want to be able to access inside&outside and I cant.Only one works at a time: either from dmz to inside or dmz from outside, depending on how you play with the NAT.



PS: Static is out of question as I have around 20-25 networks on the inside to be accessed from the dmz.


Re: ASA 7.0

I am not sure I understand this but I am assuming you want your internal users and dmz users to access the Internet. I think for that all you need is:

nat (inside) 1

nat (dmz) 1

global (outside) 1 interface

global (dmz) 1 interface

I also don't know why you would like DMZ devices to access the internal network but for that you will need to apply an ACL to dmz interface

CreatePlease to create content