access-list on asa

cfajardo1_2
Level 7

I have an ASA 5510 which is supposed to have the following rules:

1. Part of the inside users should be able to access the internet.

2. Part of the inside users should be able to access a network on the DMZ.

3. Part of the inside users should be able to access both the DMZ and the internet.

Both HTTP and HTTPS should be available on both outside and the DMZ.

I am attaching a table which will explain my conventions used in my config below.

access-list acl_inside permit ip group AC any

access-list acl_lanX permit ip group BC lan_X

access-group acl_inside in interface inside

nat (inside) 3 access-list acl_lanX

nat (inside) 1 0 0

global (outside) 1 192.168.1.1-192.168.1.250

global (dmz) 3 192.168.2.1-192.168.2.250

With this config, users INSIDE_A cannot access lan_X.

I don't know why.

Any help and suggestions will be appreciated.

Thanks

1 Reply

a.kiprawih
Level 11

I assumed your "group AC" has INSIDE_A & INSIDE_C users, and access for this group from Inside to DMZ's Lan_X is controlled by "acl_inside".

BTW, can a user from INSIDE_C access Lan_X?

What do the acl_inside entries and object-group for "group AC" look like?

HTH

AK
