
ASA 5510 DMZ to Inside

semperfi4000
Level 1

I set up a server in a DMZ with a public address given by my ISP, 12.x.x.1. I need to access LDAP internally, 192.168.x.1. I am not sure of the proper procedure so that 12.x.x.1 can query LDAP on 192.168.x.1.

The DMZ eth0/1.1 is a sub-interface of the inside Eth0/1, the outside being Eth0/0.

I am able to access the server 12.x.x.1, via port 80, as I have in my “Access Rule”

"access-list OutsideIn extended permit tcp any host 12.x.x.1 eq http"

I am unclear how to get 12.x.x.1 to access 192.168.x.1 so it can do an LDAP query.

Thank you for any help.

1 Reply

mirober2
Cisco Employee

Hello,

If you can already access that same server on port 80, it sounds like all your NAT rules are set up correctly. It sounds like you'll just need to add another access rule for TCP/389 for LDAP. Give this a try:

access-list OutsideIn extended permit tcp any host 12.x.x.1 eq 389

Hope that helps.

-Mike
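
To see which flows an extended ACL entry actually matches, here is an added example (not part of the original posts, and not Cisco code): a small Python first-match evaluator run over the two OutsideIn entries from this thread and one hypothetical entry scoped to the DMZ-to-LDAP flow. Assumptions: 203.0.113.10 and 192.168.10.1 are constructed stand-ins for the masked 12.x.x.1 and 192.168.x.1, 198.51.100.7 is a constructed Internet client, the ACL name DmzIn is hypothetical, and interface binding and NAT are not modelled.

```python
import ipaddress
import re

PORT_NAMES = {"http": 80, "ldap": 389}  # only the port names used below
DMZ_SERVER = "203.0.113.10"   # constructed stand-in for 12.x.x.1
LDAP_SERVER = "192.168.10.1"  # constructed stand-in for 192.168.x.1
INTERNET = "198.51.100.7"     # constructed Internet client
# Models only tcp entries with 'any'/'host' addresses and 'eq PORT'.
ACE = re.compile(r"access-list (\S+) extended (permit|deny) tcp "
                 r"(any|host \S+) (any|host \S+) eq (\S+)$")

def _net(spec):
    """Turn 'any' or 'host A.B.C.D' into an ip_network."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec.split()[1] + "/32")

def parse_ace(line):
    """Parse one access-list entry into its name, action, networks and port."""
    m = ACE.match(line.strip())
    if not m:
        raise ValueError("unsupported entry: " + line)
    acl, action, src, dst, port = m.groups()
    return {"acl": acl, "action": action, "src": _net(src), "dst": _net(dst),
            "port": PORT_NAMES.get(port) or int(port)}

def evaluate(lines, acl, src_ip, dst_ip, dport):
    """First matching entry of the named ACL wins; no match is the implicit deny."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for ace in (parse_ace(l) for l in lines):
        if ace["acl"] == acl and src in ace["src"] and dst in ace["dst"] and dport == ace["port"]:
            return ace["action"]
    return "deny"

RULES = [
    f"access-list OutsideIn extended permit tcp any host {DMZ_SERVER} eq http",
    f"access-list OutsideIn extended permit tcp any host {DMZ_SERVER} eq 389",
    # Hypothetical entry scoped to the single flow the question asks about.
    f"access-list DmzIn extended permit tcp host {DMZ_SERVER} host {LDAP_SERVER} eq ldap",
]

def summary():
    return {
        "internet->dmz:389 (OutsideIn)": evaluate(RULES, "OutsideIn", INTERNET, DMZ_SERVER, 389),
        "dmz->ldap:389 (OutsideIn)": evaluate(RULES, "OutsideIn", DMZ_SERVER, LDAP_SERVER, 389),
        "dmz->ldap:389 (DmzIn)": evaluate(RULES, "DmzIn", DMZ_SERVER, LDAP_SERVER, 389),
        "dmz->ldap:636 (DmzIn)": evaluate(RULES, "DmzIn", DMZ_SERVER, LDAP_SERVER, 636),
    }

if __name__ == "__main__":
    print(summary())
```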
