06-18-2015 04:46 AM - edited 03-11-2019 11:08 PM
Hi,
I created a DMZ zone on an ASA 5505 and configured dynamic NAT for the DMZ subnet.
I put one system in the DMZ zone and want it to communicate with the outside only.
Can you please guide me: do I have to implement any ACL for this result?
Thanks
DD
06-18-2015 05:43 AM
Hi
Do you have the Security Plus license?
06-18-2015 09:11 PM
Yes, I have the Security Plus license.
06-18-2015 05:45 AM
Hi Dhaval,
As long as you have the routing set up correctly and the DMZ interface is on a higher security level than outside, then you shouldn't need any ACL to allow traffic from the DMZ to the Outside.
However, if you need devices on the Outside to initiate communication to the DMZ, then you will need static NAT and an ACL to allow that connection.
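The two cases described in the reply above, as an added configuration example that is not part of the original posts. It assumes ASA 8.3 or later object NAT syntax; the VLAN ID, host addresses, object names, ACL name, and port are constructed for illustration, and only the 192.168.1.0/24 subnet comes from the thread.

```text
! Constructed example: VLAN ID, addresses and names are assumptions.
! DMZ sits between outside (0) and inside (100), so it can initiate
! to outside without an ACL and cannot initiate to inside by default.
interface Vlan3
 nameif dmz
 security-level 50
 ip address 192.168.1.1 255.255.255.0
!
! Case 1: DMZ hosts initiate outbound only.
! Dynamic PAT behind the outside interface address; no ACL required.
object network DMZ-SUBNET
 subnet 192.168.1.0 255.255.255.0
 nat (dmz,outside) dynamic interface
!
! Case 2: an outside host must initiate to one DMZ server.
! Static NAT plus an inbound ACL scoped to a single service.
! With 8.3+ NAT the ACL matches the real (DMZ) address, via the object.
object network DMZ-WEB
 host 192.168.1.10
 nat (dmz,outside) static 203.0.113.10
access-list OUTSIDE-IN extended permit tcp any object DMZ-WEB eq https
access-group OUTSIDE-IN in interface outside
!
! Verification from the ASA (exec mode):
!   show nat detail
!   packet-tracer input dmz tcp 192.168.1.10 1025 198.51.100.5 80
!   packet-tracer input dmz udp 192.168.1.10 1025 198.51.100.53 53
! The last check simulates a DNS query from the DMZ host; the host
! itself still needs a resolver address configured.
```

If only case 1 is needed, leave out the static NAT and the `OUTSIDE-IN` ACL so nothing on the outside can open a connection to the DMZ.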
06-18-2015 09:10 PM
Hi Adeolu,
The DMZ has the 192.168.1.0/24 subnet and the default route is pointing to the outside interface.
Is that OK, or does any other route need to be set?
Thanks,
DD
06-19-2015 12:49 AM
Thanks Adeolu and Henrik.
Actually, everything is fine from the ASA side.
DNS was not mentioned in the DMZ system.
Thanks
DD