I am testing an ASA5510 configuration prior to implementation. Currently we use static NAT for a number of machines located on the inside network that we access from the outside. I use Access-lists to control what ports are opened up. Everything seems to work fine.
I know that in the near future, I will be asked to setup a DMZ and place some items there. So, I have been testing a simple configuration where I have one machine in the DMZ and I open up ports to it. I also setup static nat for the machine in the dmz.
Here's the problem. What I am finding is that I can only get one side to work at a time.
I have the followng statements in place, but when I view the config, only one of them is active. I am guessing that you can't have these statements applied to the same interface. If this is true, can someone tell me what I need to change.
access-group outside_access_in in interface outside
access-group outside_to_dmz in interface outside
As I said, only one statement seems to be saved. If I allow access to the inside, then I can't access the machine in the DMZ. If I allow the statement for the DMZ, then I can't access the machines on the inside network.
This seems to be the only hurdle I am facing with regards to getting this to work...I hope.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...