Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1044
Views
0
Helpful
2
Replies

DMZ Access (Strange Issue)

rbaeditores
Level 1
Level 1

‎12-21-2011 02:43 AM - edited ‎03-11-2019 03:04 PM

Hello,

We can´t reach DMZ servers from other DMZ servers. It's very strange.

If I make a ping from DMZ server to another, sometimes only recieve one ping, sometimes 4, sometimes 0.

How can I allow the traffic between DMZ servers??

(ASA 5520 Version 8.4)

Regards

Labels:
0 Helpful
2 Replies 2

raga.fusionet
Level 4
Level 4

‎12-21-2011 05:25 AM

Chris are we talking about servers that are on the same DMZ or two different DMZs?

You said that sometimes it works sometimes it doesnt, it sounds like a problem on the client side, have you checked for faulty NICs, cabling, or even duplicated IP addresses?

What happens on the ASA if you debug icmp trace while trying to ping?

Thanks,

Raga

0 Helpful

puseth
Level 1
Level 1
In response to raga.fusionet

‎12-22-2011 01:50 PM

Chris,

If the source and destination are behind a Same DMZ interface and they are connected on a L2 switch, these packets should be routed b/w them from this Switch and packets should not go the the ASA.

Sometimes in cases of ASA doing proxy arp these packets can go to the ASA.

Can you take the output of arp -a from the Server when you can ping the other server fine and when you cannot.

Puneet

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card