08-14-2006 07:59 PM - edited 03-09-2019 03:54 PM
Please HELP! I have reduced my network to two machines, an internal DNS server 192.168.11.10, and my webserver 10.10.10.2 on the DMZ. I believe I have the proper ACLs configured to allow DNS and web traffic. But for some reason I don't get a web page on either machine. I have looked at the debugging monitoring and I can see the connections being built and torn down. Where am I going wrong here?
08-15-2006 04:15 AM
Your NAT config is rather complicated. You seem to be trying to hide various IPs but I can't get my head round it and suspect this is where the problem lies.
Far simpler not to NAT between DMZ and inside. To change your config to do this:
no global (Inside) 2 interface
no global (DMZ) 1 interface
no static (Inside,DMZ) 10.10.10.3 192.168.11.10 netmask 255.255.255.255 dns
no static (DMZ,Inside) 192.168.11.12 10.10.10.2 netmask 255.255.255.255 dns
no static (Inside,DMZ) 10.10.10.4 192.168.11.11 netmask 255.255.255.255 dns
static (Inside,DMZ) 192.168.11.10 192.168.11.10 netmask 255.255.255.255 dns
clear xlate
08-15-2006 09:43 AM
Thanks for the fast reply Grant.
I am unclear on the whole global address pool with the NAT'ing. It looks like from what you have written above that you are not using a global pool, but the address of the interface, correct?
I have attached a really rough drawing of my network. I am trying to keep things as simple as possible.