Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX 525

Hello All,

I have a dmz interface running on network and inside network running on I want all of my devices on dmz to connect to devices on inside network. What conduit commands I could use in conjuction with the command below to open the whole network from dmz to inside.

static (inside, dmz) netmask

New Member

Re: PIX 525


That kind of configuration is completely unsecure. What you want, is opening completely your internal network from DMZ, and this one, by definition, is open to the Internet, then internal nets will be open to the Internet through DMZ servers. Of course, it's possible to do that, but you shouldn't. But, if you absolutely want that config, move your servers to inside and kill your DMZ network, you don't need it anymore. Don't forget, F/Ws aren't miracle box against hackers. They just filtered out some attacks based on the security you have configured on it. Then, f/w is as good as the person who has configured it.

If you want some advices on this subject, you can contact me directly.