Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5510 ping from dmz to public ip nat'ed to dmz

I need help after spent some hours without any result.... i have a setup like: outside, inside, dmz

inside dmz i have some servers (web, db, dns) with private ip (nat) now i want to be able to can access from a server inside dmz a other server inside same dmz over his public ip (to every server is 1 public ip assigned over nat), what i need to do? now im not able to ping any other over the public ip or to connect to a db or whatever...

1 REPLY

Re: ASA 5510 ping from dmz to public ip nat'ed to dmz

All host in DMZ need to communicate with each other using their own physical IP Address. Example:

Host A - 192.168.101.10

Host B - 192.168.101.20 (Public IP: 202.xx.xx.25)

Host A can only communicate with Host B via 192.168.101.20, not Host B's Public IP.

The Public IP is meant to be used by outside/internet users only, not any host from the same DMZ segment.

Pls refer to:

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddc8718

HTH

AK

123
Views
5
Helpful
1
Replies
CreatePlease login to create content