Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

d-nat

I am using pix 515 with four dmz, inside and outside interaces. these interfaces are in the following order

inside | dmz1 | dmz2 | dmz3 | dmz4 | outside

Access to web server at dmz1 has to be given from dmz2 and outside interface by URL name. DNS server is put at dmz4. Static and conduit pair from outside is working ok. However the samethig replicated for dmz2 is not giving desired results.

I am using pvt ip and doing nat at dmz1,dmz2 and dmz3 only.

static and conduit pair is as follows:

static(dmz1,dmz2) <dmz2_ip> <dmz1_ip>

conduit permit tcp host <dmz2_ip> eq www any

With these configuration what more I have to do if I need to access web by URL.

---ejaj

7 REPLIES
Cisco Employee

Re: d-nat

You need to use alias command as explained in following URL

http://www.cisco.com/warp/customer/110/alias.html#dmz

HTH

R/Yusuf

New Member

Re: d-nat

Dear Yusuf

I did, but not successful. Here is the entry which I put

alias(dmz2)

even reversing the order of IPs also didn't work

Cisco Employee

Re: d-nat

Try using alias command for dmz1, where the web server is located ??

The interface in the alias command should be the "interface" that the clients are calling from.

R/Yusuf

New Member

Re: d-nat

webserver is at dmz1 and dns server is at dmz4

---ejaj

Cisco Employee

Re: d-nat

you need to use multiple alias commands from where the clients are coming from i.e. browse the web which is at dmz1

for eg

alias (inside)

alias (dmz1)

alias (dmz2)

R/Yusuf

New Member

Re: d-nat

Thank you Yusuf, still I am not clear which ip I have to put in which alias and in which order. My doubt is exactly this one.

New Member

Re: d-nat

Dear Yusuf

Pl help me regarding doing alias. I am not able to do. My exact doubt is, which ip will come first at alias(dmz1). I did alias(inside) amd alias(dmz2) correctly.

I have used alias(dmz1,dmz2)

This didn't work. Even I reversed the order of dmz1_ip and dmz2_ip, it didn't work.

---ejaj

167
Views
0
Helpful
7
Replies
CreatePlease to create content