I have a client who we just put a new DMZ card in for on a 515. Moved a machine out to the DMZ and that server can be accessed from the outside no problem (web server). The problem is, that there is no access from the LAN to the DMZ. I have compared the config to other working configs and everything looks like it should be fine. I am thinking that I am missing something simple. Below is most of the config and everything related to the DMZ. Any ideas on why we can't access the DMZ from the Inside inderface? No ping, no nothing at this point. We just want to allow all traffic from the LAN (inside) to the DMZ. Thanks!
PIX Version 6.3(1)
interface ethernet0 10baset
interface ethernet1 10baset
interface ethernet2 10baset
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security10
access-list acl_out permit icmp any any
access-list acl_out permit tcp any host 64.xx.xx.xx eq www
Pix(config)# access-list no_nat permit ip 192.168.2.0 255.255.255.0 192.168.5.0 255.255.255.0
Pix(config)# access-list no_nat permit ip 192.168.3.0 255.255.255.0 192.168.5.0 255.255.255.0
Pix(config)# nat (inside) 0 access-list no_nat
Pls. Remember the rule: From Interface Inside to Interface DMZ requires nat/global command.And DMZ to Inside requires static/conduit. Pls. issue cmd: 'clear xlate' after configuration has been saved with cmd: 'wr m' (write memory)
Hope this helps out for your problem. Let me know how you get on.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :