Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

basic pix 535 config-connectivity between inside and the dmz


I have PIX 535 running 6.2(2) with 8 interfaces. The ip at the inside is and one of the dmz-corporate is

And the PIX interface in the respective networks have ip *.*.*.1.

I can ping from any host or device from these networks to the pix interface. But when it comes to communicate from the inside network to the may be dmz-corporate network, I cannot. I have access-list with ip any any in both directions, and the show route is

dcm-p535-mnpr# sh route

outside 1 OTHER static

FailOver 1 CONNECT static

DMZ-Mon 1 CONNECT static

DMZ-Mon 1 OTHER static

inside 1 CONNECT static

inside NOC-Operators 1 OTHER static

DMZ-Signaling 1 OTHER static

DMZ-Signaling 1 CONNECT static

DMZ-Corporate 1 CONNECT static

DMZ-Collocation 1 CONNECT static

DMZ-TCI-Services 1 CONNECT static

outside 1 CONNECT static


What I might be missing. Are the route commands not enough to communicate, from one interface to the other. I am not using any routing between vlans or you can say different subnets on different interfaces.

Appreciate any input. I am not putting the config as it might be big, but if need can send that too.Appreciate your time, and the sooner the better.



Cisco Employee

Re: basic pix 535 config-connectivity between inside and the dmz

To enable connectivity from inside to dmz, you also need to have nat (inside) and global (dmz) commands configured.

hope this helps,


CreatePlease login to create content