Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA outside interface problem

Dear All Friends,

I;m facing some problem configuring my ASA 5516-X. I have configured LAN and DMZ Zone. Both network going to internet as usually but when I'm trying to go DMZ to LAN it is working fine but when I am trying to go LAN to DMZ it is not working. I have but Core FW configuration is ok. 
One more thing is I have tried to ping server inside DMZ zone by connecting my PC - ASA using direct cable connection but server is not reachable. 
Please see the attachment and try to give me solution.

-Mehedi-

Everyone's tags (1)
2 REPLIES
New Member

Hi,

Hi,

I cannot see an ACL defined for "inside_access_in" Do you have one defined?

If you are connecting to a server within the same subnet / Vlan etc, but still the issue persists, confirm if the server is running a localised firewall.

New Member

Hi can you re-arrange the ACL

Hi can you re-arrange the ACL 


#access-list dmz_access_in extended permit icmp any any echo-reply
#access-list dmz_access_in extended permit object-group DM_INLINE_SERVICE_1 object DMZTOINSIDEDBSERVER 192.168.100.0 255.255.255.0

 or 

#access-list dmz_access_in extended permit ip host LAN_IP host DMZ_IP

later do ping from from LAN to DMZ ...

if not ok . Please share packet-tracer

#packet-tracer input LAN icmp LANIP 0 8 DMZIP detail

Thanks,

Mani

54
Views
4
Helpful
2
Replies
CreatePlease to create content