Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
398
Views
0
Helpful
1
Replies

Access DMZ over vpn tunnel

akblackwel
Level 1
Level 1

‎03-02-2012 07:41 AM - edited ‎03-07-2019 05:18 AM

As an admin, I sit on network 10.40.45.0/24.

I tunnel to our datacenter like this

10.40.45.0/24 -- tunnel to asa @ datacenter 192.168.199.3 -- 192.168.199.0/24 -- datacenter gateway (pix) 192.168.199.1 -- DMZ 192.168.200.0/24

What routes would I have to set up in the pix to allow me on network 10.40.45.0/24 to access servers in my DMZ on network 192.168.200.0/24?

Labels:
0 Helpful
1 Reply 1

John Blakley
VIP Alumni
VIP Alumni

‎03-02-2012 10:06 AM

If you had a real diagram this may be easier

I'm seeing this, so correct me if I'm wrong:

10.40.45.0/24 -> ASA <---VPN--->Pix --- DMZ

The DMZ is off of the Pix? If so, you'll need to not nat your 10.40.45.0 into the DMZ. The Pix obviously has a route back to your 10.40.45.0 subnet (if you can get to anything?), so you wouldn't need any special routes. If you cannot see your 10.40.45.0 subnet from the Pix, you'll need to point the route to your next hop:

route outside 10.40.45.0 255.255.255.0 Pix's gateway

HTH, John *** Please rate all useful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card