Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

dmz static issue

I have one host in a dmz that I allow to access a host on our internal lan, static (inside,outside) 192.168.10.3 192.168.51.2 netmask 255.255.255.255.

I know have a second host, 192.168.51.3, that I would like to allow 192.168.10.3 to access. I know I cannot apply the following static, static (inside,outside) 192.168.10.3 192.168.51.3 netmask 255.255.255.255, as it will create a conflict with the first static.

What is the best way to accomplish what I am trying to do? I think I am missing something really simple.

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: dmz static issue

Based on the way your scenario sounds what you need is:

static (inside,outside) 192.168.10.0 192.168.51.0 netmask 255.255.255.0

and then use acl on outside interface like:

access-list acl_in permit ip host 192.168.10.3 host 192.168.51.2

access-list acl_in permit ip host 192.168.10.3 host 192.168.51.3

HTH pls rate!

1 REPLY
Silver

Re: dmz static issue

Based on the way your scenario sounds what you need is:

static (inside,outside) 192.168.10.0 192.168.51.0 netmask 255.255.255.0

and then use acl on outside interface like:

access-list acl_in permit ip host 192.168.10.3 host 192.168.51.2

access-list acl_in permit ip host 192.168.10.3 host 192.168.51.3

HTH pls rate!

88
Views
0
Helpful
1
Replies
CreatePlease to create content