Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
507
Views
0
Helpful
3
Replies

ASA5505 with base license - access from dmz to internal

acleri
Level 1
Level 1

‎12-19-2011 02:09 AM - edited ‎03-11-2019 03:03 PM

Hi,

we have a cisco ASA5505 with base license and 3 interface configured.

Internal 192.168.1.1/24

DMZ 172.16.0.1/24

Outside 20.20.20.20/24

The DMZ is configured to allow the traffic pass to the outside interface only (base license allow only traffic to one interface) in order to let clients on this network to browse internet.

On the outside interface there's a nat configuration that let the port 443 to be natted to an in internal server.

Is it possible to let the clients in DMZ to access to the internal server on port 443 from the outside interface?

Thank you for your help.

Labels:
0 Helpful
3 Replies 3

mvsheik123
Level 7
Level 7

‎12-19-2011 08:06 AM

No. You need to upgrade the license so that DMZ and Inside can communicate directly..

hth

MS

0 Helpful

acleri
Level 1
Level 1
In response to mvsheik123

‎12-19-2011 08:39 AM

access from dmz to internal need to the license upgrade but I would like to allow traffic from dmz to outside and then nat the traffic to inside, is it possible?

0 Helpful

mvsheik123
Level 7
Level 7
In response to acleri

‎12-19-2011 09:12 AM

I would like to allow traffic from dmz to outside and then nat the traffic to inside, is it possible?

Thats your question in Main posting. The answer is 'No'.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card