Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX - Inside to DMZ connectivity

I am configuring a PIX 515e Software Version 6.1(4) and would like to give access to all traffic accessing the DMZ. I thought this would work: ("dmz" is the interface name)

conf t

access-list acl_dmz permit ip any any

access-group acl_dmz in interface dmz

I still cannot ping the interface or any hosts on the subnet. It obviosly does not work like the "inside" interface.

I realize I am attempting to open the interface completely - I want to get our sustem back up and work from there. After re-establishing connectivity, I will be configuring a VPN tunnel to another new PIX at a remote site. From there I will start closing things down.

I was hoping the configuration was as quick and easy as opening up the other interfaces...

Thanks!

1 REPLY
New Member

Re: PIX - Inside to DMZ connectivity

Solved this with the following static entry:

static (inside,dmz1) 10.0.2.0 10.0.2.0 netmask 255.255.255.0

where 10.0.2.0 is the subnet of the Inside interface.

101
Views
0
Helpful
1
Replies