Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Issue in Accessing DMZ servers form Internet (Sorry Attachemnt is here)

Hi all,

I have serious issue if any one could help me in this i have attached the configuration for your reference

Issue is : Can't able to access server in DMZ Zone from Internet but everything is working fine (i can able to connect) when i connect my laptop at outside interface by removing ISP link. Configuration is below attached

2 REPLIES
New Member

Re: Issue in Accessing DMZ servers form Internet (Sorry Attachem

Your access-list tied to the DMZ is blocking all traffic. The ACL is in reguards to traffic originating on that interface. Since your DMZ ACL is allowing anything to 192.168.32.x, but the traffic is originating from those addresses, it's being blocked. I recommend changing the ACL to this:

access-list DMZ extended permit ip 192.168.32.0 255.255.255.0 any

Keep in mind that that will allow anything from the DMZ to anywhere else on the PIX including the inside interface.

Green

Re: Issue in Accessing DMZ servers form Internet (Sorry Attachem

Although that acl is written poorly, and backwards, it would not prevent the outside from accessing the dmz.

109
Views
0
Helpful
2
Replies
CreatePlease to create content