Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Accessing a DMZ from the inside.

A PIX will only let a user acces a resource in a DMZ by it's private IP address and not it's public address. I'm sure there is a reason for that that is security-based, but I don't know what it is. Can any one point me to documentation or explain that to me? Thanks.

1 REPLY
Cisco Employee

Re: Accessing a DMZ from the inside.

Hi,

This is not a security reason, rather a routing reason. If a packet comes into PIX, it will route the packet directly to the DMZ interface. Doing this, the PIX doesnot require any Translation, just simple routing. But if you want to use public address for the DMZ, then you need to use Destination NAT feature.

Thanks

Nadeem

90
Views
0
Helpful
1
Replies
CreatePlease to create content