Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
238
Views
0
Helpful
1
Replies

Accessing a DMZ from the inside.

rcarroll
Level 1
Level 1

‎10-22-2003 11:03 AM - edited ‎03-09-2019 05:15 AM

A PIX will only let a user acces a resource in a DMZ by it's private IP address and not it's public address. I'm sure there is a reason for that that is security-based, but I don't know what it is. Can any one point me to documentation or explain that to me? Thanks.

Labels:
0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎10-22-2003 02:11 PM

Hi,

This is not a security reason, rather a routing reason. If a packet comes into PIX, it will route the packet directly to the DMZ interface. Doing this, the PIX doesnot require any Translation, just simple routing. But if you want to use public address for the DMZ, then you need to use Destination NAT feature.

Thanks

Nadeem

0 Helpful
Customers Also Viewed These Support Documents