02-19-2007 11:34 AM - edited 03-11-2019 02:35 AM
Hello - I have a Windows Media Server on my DMZ. What i am trying to do is have the WMS server communicate with my SQL server on my inside network and vice versa and for some reason i can't get to WMS server from the inside. can you please look at my config and tell me what issue i'm having.
02-19-2007 11:44 AM
static (inside,dmz) 192.168.0.0 172.16.0.0 netmask 255.255.0.0 0 0
should be...
static (inside,dmz) 192.168.0.0 192.168.0.0 netmask 255.255.0.0 0 0
02-19-2007 11:44 AM
Hi
I can't view the visio but from your config i think the problem is the following line:-
static (inside,dmz) 192.168.0.0 172.16.0.0 netmask 255.255.0.0 0 0
What is this line meant to be doing ?
lets say your SQL server was 192.168.0.56 then you would need
static (inside,DMZ) 192.168.0.56 192.168.0.56 netmask 255.255.255.255
This will setup the correct translations for your SQL server to talk to the WMS and vice-versa.
HTH
Jon
02-19-2007 05:07 PM
will the configuration i have will enable me to ping and perform security updates from my inside network? sorry guys, i a bit new to pix firewall.. any help would be great
02-20-2007 02:39 AM
Hi
If you need other servers internally to talk to your DMZ servers go with what the other poster said
static (inside,DMZ) 192.168.0.0 192.168.0.0 netmask 255.255.0.0
You would still need to allow any traffic initiated from the DMZ to the inside in an access-list.
HTH
Jon
02-26-2007 11:42 AM
i need to allow traffic from the DMZ to my inside interface so that the server can get MS updates. can you please let me know what im missing with my config?
02-26-2007 01:00 PM
As long as you have changed the static as recommended above, you need to add entries to your access list which is applied in interface dmz, which according to your config is "ping_acl". If you're talking about a WSUS server it would be something like...
access-list ping_acl permit tcp host
access-group ping_acl in interface dmz
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: