Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Pix 515 - Translation Exemption Rules to DMZ

I have a webserver on our DMZ and created a translation exemption rule from my PC (inside) to this DMZ server. I have done nothing else and I can use a web browser to get to it. I have created no rules for http or anything - should this happen??

5 REPLIES
Purple

Re: Pix 515 - Translation Exemption Rules to DMZ

That is fine - you are going from a trusted interface (inside) to a less trusted interface (dmz) so that is okay. The PIX imposes stricter controls on packets from less trusted interfaces to more trusted interfaces.

So what you are seeing is as per design.

Hope that helps - pls rate the post if it does.

Paresh

Community Member

Re: Pix 515 - Translation Exemption Rules to DMZ

Thanks, what I don't understand is that I can get onto the Http website but not the Shares or anything else. It's actually only the web site I need, but may need the shares too later.

Purple

Re: Pix 515 - Translation Exemption Rules to DMZ

If you can't get into the shares, I suspect that it's not the firewall that is the problem. If you have not configured any form of access control, then you should be able to access everything through the PIX.

Paresh

Community Member

Re: Pix 515 - Translation Exemption Rules to DMZ

so as long as i have the Translation exempt rule in from my PC to the DMZ webserve then everything should be acceccible? no extra rules are needed?

Purple

Re: Pix 515 - Translation Exemption Rules to DMZ

That is correct.

Pls remember to rate posts that help.

Paresh

148
Views
0
Helpful
5
Replies
CreatePlease to create content