I have met a problem with SA540's optional port. I've set it to DMZ mode, and enable it to have an outbound traffic. The problem is: each time I reboot the SA540, the optional port has trouble, all traffic is blocked, I can't ping to anywhere. The only thing I can do is to go to the web UI, and change the port mode to WAN mode, apply, and then rechange it back to DMZ mode, then it works as usual. Is it a bug? Will it be resolve in the next version of IOS? Any help will be appreciated.
Solved! Go to Solution.
I will set this scenario up in my lab and let you know what I find as soon as possible. Is your optional port using a second WAN technology? (ie WAN1 is dsl and the optional port is cable. Or are you using an IP out of a block of IP's from a single provider?)
Thanks for reply. I'm not using a second WAN. I have the SA540 under the modem, and it has a public ip for the WAN interface. The optional port is set to DMZ mode to allow the host in the DMZ zone to access to internet. That's all I want to offer to the client. But when it has troubles, I can't even ping from the DMZ zone to the SA540's gateway.
My apologies. I misread your original post. Again, I will lab up the scenario that you have and see if I get the same result. Sorry for the confusion, I think I need another cup of coffee.
I have sent a private message with my contact information. Would you please send me the config of your SA500 when you are able to get on the internet via the DMZ port?
Last week, I've upgraded my SA540 to the latest firmware version. But the optional port problem doesn't seem to be resolved. And the remote access also has the same problem. After the restart of the device, it needs to be disable and enable again to make it works.