08-08-2002 10:40 PM - edited 03-08-2019 11:53 PM
I am using pix 515 with four dmz, inside and outside interaces. these interfaces are in the following order
inside | dmz1 | dmz2 | dmz3 | dmz4 | outside
Access to web server at dmz1 has to be given from dmz2 and outside interface by URL name. DNS server is put at dmz4. Static and conduit pair from outside is working ok. However the samethig replicated for dmz2 is not giving desired results.
I am using pvt ip and doing nat at dmz1,dmz2 and dmz3 only.
static and conduit pair is as follows:
static(dmz1,dmz2) <dmz2_ip> <dmz1_ip>
conduit permit tcp host <dmz2_ip> eq www any
With these configuration what more I have to do if I need to access web by URL.
---ejaj
08-08-2002 11:40 PM
You need to use alias command as explained in following URL
http://www.cisco.com/warp/customer/110/alias.html#dmz
HTH
R/Yusuf
08-09-2002 02:28 AM
Dear Yusuf
I did, but not successful. Here is the entry which I put
alias(dmz2)
even reversing the order of IPs also didn't work
08-10-2002 12:19 AM
Try using alias command for dmz1, where the web server is located ??
The interface in the alias command should be the "interface" that the clients are calling from.
R/Yusuf
08-10-2002 10:00 PM
webserver is at dmz1 and dns server is at dmz4
---ejaj
08-11-2002 12:29 AM
you need to use multiple alias commands from where the clients are coming from i.e. browse the web which is at dmz1
for eg
alias (inside)
alias (dmz1)
alias (dmz2)
R/Yusuf
08-11-2002 10:50 PM
Thank you Yusuf, still I am not clear which ip I have to put in which alias and in which order. My doubt is exactly this one.
08-13-2002 07:43 PM
Dear Yusuf
Pl help me regarding doing alias. I am not able to do. My exact doubt is, which ip will come first at alias(dmz1). I did alias(inside) amd alias(dmz2) correctly.
I have used alias(dmz1,dmz2)
This didn't work. Even I reversed the order of dmz1_ip and dmz2_ip, it didn't work.
---ejaj
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide