Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
526
Views
4
Helpful
2
Replies

ASA outside interface problem

adm.mehedi
Level 1
Level 1

‎12-26-2016 09:31 AM - edited ‎03-12-2019 01:42 AM

Dear All Friends,

I;m facing some problem configuring my ASA 5516-X. I have configured LAN and DMZ Zone. Both network going to internet as usually but when I'm trying to go DMZ to LAN it is working fine but when I am trying to go LAN to DMZ it is not working. I have but Core FW configuration is ok. 
One more thing is I have tried to ping server inside DMZ zone by connecting my PC - ASA using direct cable connection but server is not reachable. 
Please see the attachment and try to give me solution.

-Mehedi-

Labels:
Preview file
311 KB
Preview file
5 KB
0 Helpful
2 Replies 2

mattjones03
Level 1
Level 1

‎12-26-2016 04:14 PM

Hi,

I cannot see an ACL defined for "inside_access_in" Do you have one defined?

If you are connecting to a server within the same subnet / Vlan etc, but still the issue persists, confirm if the server is running a localised firewall.

0 Helpful

MANI .P
Level 1
Level 1

‎12-27-2016 04:04 AM

Hi can you re-arrange the ACL 


#access-list dmz_access_in extended permit icmp any any echo-reply
#access-list dmz_access_in extended permit object-group DM_INLINE_SERVICE_1 object DMZTOINSIDEDBSERVER 192.168.100.0 255.255.255.0

 or 

#access-list dmz_access_in extended permit ip host LAN_IP host DMZ_IP

later do ping from from LAN to DMZ ...

if not ok . Please share packet-tracer

#packet-tracer input LAN icmp LANIP 0 8 DMZIP detail

Thanks,

Mani

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card