Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
1
Replies

Allowing multiple networks on DMZ help ASA5505!!

terrencepayet
Level 1
Level 1

‎05-23-2011 08:26 AM - edited ‎03-11-2019 01:37 PM

Hi Guys,

I have 3 networks coming on DMZ (VPN) interface. Only one network is able to ping the DMZ interface. See below networks coming i on the DMZ.

  • 10.132.24.0/24
  • 10.132.25.0/24
  • 10.132.26.0/24

Only the 10.132.26.0/24 netork works as it is in the same range as the DMZ interface.

Grateful if you guys can help me on allowing the other two networks to communicate. I've attched the diagram and configs for your perusal.

Thanks,

Terence

Labels:
86780-config.txt.zip
20 KB
0 Helpful
1 Reply 1

mirober2
Cisco Employee
Cisco Employee

‎05-23-2011 09:57 AM

Hi Terrence,

It looks like you're missing routes for the 10.132.24.0/24 and 10.132.25.0/24 subnets. Therefore, the ASA thinks these networks exist off your outside interface (given you default route). Try adding static routes for these subnets:

route dmz 10.132.24.0 255.255.255.0
route dmz 10.132.25.0 255.255.255.0

Hope that helps.

-Mike

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card