CISCO DMZ configuration - TechRepublic
General discussion
December 14, 2004 at 11:37 PM
hamichael

CISCO DMZ configuration

by hamichael . Updated 21 years, 6 months ago

Hi!

I am having a problem allowing my Web Server in DMZ to connect to Database server in Internal interface. I understand that some of you are highly expert in CISCO PIX, could you kindly give me an advice in this matter? My PIX configuration are as below. Thank you very in advance.

PIX Version 6.3(3)

access-list 101 permit ip any any
access-list 301 permit tcp any host 205.145.71.82 eq www
access-list 201 permit ip any any
ip address inside 192.168.0.3 255.255.255.0
ip address dmz 192.168.6.1 255.255.255.0
global (outside) 1 205.145.71.81
global (dmz) 1 192.168.6.100-192.168.6.150
nat (inside) 1 192.168.0.0 255.255.255.0 0 0
nat (dmz) 1 192.168.6.0 255.255.255.0 0 0
static (dmz,outside) 205.145.71.82 192.168.6.3 netmask 255.255.255.255 0 0
access-group 301 in interface outside
access-group 101 in interface inside
access-group 201 in interface dmz

This discussion is locked

All Comments