Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Unable to access web server of DMZ Zone from Inside interface

Hi,

 

please  help  me to  resolve  the issue.  i have  created  a DMZ  Zone   Network  with  public  IP Addresses.

i have  created   Identity   nat  for  DMZ  Network  access the internet.  The  server  in the DMZ  Is  accessable  from  Internet.

To  access the server  from  inside  interface  created  ACE and  NAT exampt  . Able  to ping  and   trace  the  DMZ Server  from  Inside interface  but  unable  to  open  page  or  access the web  server from  inside interface.

please  guide  to resolve  the issue.

 

Regards,

Saroj

2 REPLIES
New Member

check your logs, they offer

check your logs, they offer quite an extensive reason to blocking.   

 

 

my guess is your DMZ  policy is blocking it.  remember, all interfaces with a higher security level are blocked from internal interfaces (level 0) by default.

 

edit:  use the packet tracer program as well thats bundled in the asa.   you can preform these tasks under ASDM as well as under CLI   

New Member

Hi, i run a packet  trace but

Hi,

 

i run a packet  trace but  not  showing any  block.please find the report encloesd.

 

Regards,

Saroj

94
Views
0
Helpful
2
Replies
CreatePlease to create content