Thanks a lot.I can now access the servers

in dmz by address only

.When accessing by name, it does not work.The server url name is mtp:8081/helpdesk.Is there any way to configure this on ASA ?Thanks.

Hello,

What is the location of your WINS server? If it is on the inside of the firewall, then you need to configure a static NAT rule so that the hosts can communicate with the WINS server.

static (inside,dmz) netmask 255.255.255.255

Hope this helps.

Regards,

NT

The WINS/DNS server is on the inside interface (in the server vlan behind the 192.168.104.0 network)
For AD replication to work with other partners, the servers in the server vlan are having the ip address of the ISA server
as their default gateway, not the server vlan svion the switch.

A ping from the ASA to the wins server does not succeed even though a route was created on the ISA server for network 192.168.104.0/24
and 172.100.0.0 that point to the server svi on the 3560 switch.

What should i do to be able to ping from the asa to the wins server ?

Thanks

Here is the setup

server vlan 172.31.0.0/24-----------                                switch int gi0/22------               ASA eth0/2----------     ASA DMZ interface

def gateway = ISA server IP address 172.31.0.16        switch   ip 192.168.104.2         ip 192.168.104.1      172.100.0.1/24

Hello,

I think the first step would be to make sure that your ISA server has a

route to rest of the network. Once it has the route, I think adding that

static statement I had mentioned earlier would do the trick. Please check

the ISA device (or you can do a tracert from the WINS server as well) and

see where the packets are getting dropped.

Regards,

NT