Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

DMZ setup for SIP

I am setting up a PBX in the DMZ. The handsets are going to be on the inside network. The DMZ and the inside vlans have default settings (i.e. no explicit access-groups).

For some reason even though the inside and dmz vlans are default I can't seem to ping or get to DMZ servers form the inside. Both inside and DMZ nodes can get to the outside interface.

Any help would be appreciated.

1 REPLY
Hall of Fame Super Blue

Re: DMZ setup for SIP

Hi

Ping uses ICMP which is not a stateful protocol. If you don't have an access-list on the DMZ interface allowing ICMP traffic back to the inside then it won't work.

If it is not just ping that is the problem have you accounted for NAT going from the inside to the DMZ ?

If you could send a copy of the config with any sensitive info removed.

HTH

350
Views
0
Helpful
1
Replies
CreatePlease to create content