Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
318
Views
0
Helpful
2
Replies

Unable to access web server of DMZ Zone from Inside interface

saroj pradhan
Level 1
Level 1

‎03-19-2014 10:48 PM - edited ‎03-11-2019 08:58 PM

Hi,

 

please  help  me to  resolve  the issue.  i have  created  a DMZ  Zone   Network  with  public  IP Addresses.

i have  created   Identity   nat  for  DMZ  Network  access the internet.  The  server  in the DMZ  Is  accessable  from  Internet.

To  access the server  from  inside  interface  created  ACE and  NAT exampt  . Able  to ping  and   trace  the  DMZ Server  from  Inside interface  but  unable  to  open  page  or  access the web  server from  inside interface.

please  guide  to resolve  the issue.

 

Regards,

Saroj

Labels:
0 Helpful
2 Replies 2

Mark Graham
Level 1
Level 1

‎03-20-2014 01:22 PM

check your logs, they offer quite an extensive reason to blocking.   

 

 

my guess is your DMZ  policy is blocking it.  remember, all interfaces with a higher security level are blocked from internal interfaces (level 0) by default.

 

edit:  use the packet tracer program as well thats bundled in the asa.   you can preform these tasks under ASDM as well as under CLI   

0 Helpful

saroj pradhan
Level 1
Level 1
In response to Mark Graham

‎03-20-2014 05:25 PM

Hi,

 

i run a packet  trace but  not  showing any  block.please find the report encloesd.

 

Regards,

Saroj

Preview file
3 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card