Asa Dmz Config
I have an issue with NAT while configuring a three-zone ASA implementation (Outside/Dmz/Inside).
Objective is:
Allow all inside to internet
Allow Dmz to internet (OS/Apps updates)
Allow some services/ports from internet to Dmz
Allow some services/ports from internet to inside
ACLs are working fine, but NAT is not. Here is what I am doing:
Dmz: 192.168.2.0 255.255.255.0
Inside: 192.168.1.0 255.255.255.0
Outside: 1.1.1.1
! Dynamic NAT for both Inside & DMZ to Internet
global (outside) 100 interface
nat (Dmz) 100 192.168.2.0 255.255.255.0
nat (inside) 100 192.168.1.0 255.255.255.0
! public address to server in DMZ
static (Dmz,outside) 1.1.1.3 192.168.2.20 netmask 255.255.255.255
! public address to server in Inside
static (inside,outside) 1.1.1.2 192.168.2.30 netmask 255.255.255.255
! allow webserver to access DB Servers inside
static (Dmz,inside) 192.168.1.20 192.168.2.20 netmask 255.255.255.255
The point is, when I configure the above, Dmz zone to inside does not work!
But when I stop "static (Dmz,Inside)", all the inside lose the connection to the net, but all other directions work fine!
Any idea why?
Thanks
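
A consistency check a reviewer could run over the static statements above (added example, not part of the original post): it parses the pre-8.3 form `static (real_ifc,mapped_ifc) mapped_ip real_ip netmask mask` and reports any statement whose real address is outside the subnet listed for its real interface. The subnets are the ones given in the post; the function names and the decision to skip interfaces with no listed subnet are assumptions of this example.

```python
import ipaddress
import re

# Interface subnets as listed in the post. Outside is given only as an
# address, so it has no entry and is not checked (assumption of this example).
SUBNETS = {
    "dmz": ipaddress.ip_network("192.168.2.0/24"),
    "inside": ipaddress.ip_network("192.168.1.0/24"),
}

# The static statements from the post, copied unchanged.
CONFIG = """\
static (Dmz,outside) 1.1.1.3 192.168.2.20 netmask 255.255.255.255
static (inside,outside) 1.1.1.2 192.168.2.30 netmask 255.255.255.255
static (Dmz,inside) 192.168.1.20 192.168.2.20 netmask 255.255.255.255
"""

# Pre-8.3 syntax: static (real_ifc,mapped_ifc) mapped_ip real_ip netmask mask
STATIC_RE = re.compile(
    r"^static \((\w+),(\w+)\) (\S+) (\S+) netmask \S+$", re.IGNORECASE)


def parse_statics(text):
    """Return one dict per static statement found in text."""
    statics = []
    for raw in text.splitlines():
        line = raw.strip()
        m = STATIC_RE.match(line)
        if m:
            real_ifc, mapped_ifc, mapped, real = m.groups()
            statics.append({
                "line": line,
                "real_ifc": real_ifc.lower(),      # interface names are
                "mapped_ifc": mapped_ifc.lower(),  # compared case-insensitively
                "mapped": ipaddress.ip_address(mapped),
                "real": ipaddress.ip_address(real),
            })
    return statics


def mismatched_statics(text, subnets):
    """Statics whose real address is not in the subnet of their real interface."""
    return [s["line"] for s in parse_statics(text)
            if s["real_ifc"] in subnets and s["real"] not in subnets[s["real_ifc"]]]


if __name__ == "__main__":
    for line in mismatched_statics(CONFIG, SUBNETS):
        print("real address not on real interface:", line)
```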