Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco ASA5505 - DMZ Connection

My first time programming a Cisco ASA - Have to get my feet wet sometime right?

Anyways I''m trying to setup up Ethernet 0/6 to be a DMZ Connection

When I add port 0/6 to DMZ it gives me an error saying "The IP Address X.X.X.X /Subnet Mask cannot overlap the subnet of interface outside"

So my question is I have an outside connection already configured - How can I make a DMZ connection with the same subnet mask with a different IP?

1 REPLY
New Member

Cisco ASA5505 - DMZ Connection

Hello Kevin,

You will need to setup the DMZ interface in a different subnet using an address range from RFC1918 (192.168.0.0-192.168.255.255, 172.16.0.0-172.172.31.255.255, 10.0.0.0-10.255.255.255) and then NAT traffic from the 'dmz' to the 'outside'. You will also need to modify the access-lists accordingly.

Please post your config and I'd be happy to get you pointed in the right direction, also -- please indicate whether you are using a base or security plus license and what software version you are running (both items can be found by issuing "show version").

-Mitch

184
Views
0
Helpful
1
Replies