Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
230
Views
0
Helpful
2
Replies

DMZ -> Outside

Joli Martinez
Level 1
Level 1

‎08-27-2015 12:03 PM - edited ‎03-11-2019 11:30 PM

I have an ASA version 9.0.1 and I need a way for the DMZ to talk to the Outside network.  This is what I have so far but it is not working.

access-list outside_access_in_1 extended permit tcp any host 1.2.3.1 any

access-group outside_access_in_1 in interface outside

 

<config>

interface Vlan1
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0 
!
interface Vlan100
 nameif outside
 security-level 0
 ip address 1.2.3.1 255.255.255.0
!
interface Vlan110
 nameif DMZ   
 security-level 50
 ip address 192.168.1.1 255.255.255.0 

</config>

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎08-27-2015 01:17 PM

Not sure what you mean here.

Is your outside interface using a public IP and do you just want your DMZ devices to connect to the internet or do you want external devices on the internet to be able to connect to DMZ devices on certain ports ?

What exactly do you want to achieve ?

Jon

0 Helpful

Joli Martinez
Level 1
Level 1
In response to Jon Marshall

‎08-27-2015 01:57 PM

My ISP gives me a some public IP's these IP's are on the outside.  I would like my DMZ network to be able to communicate to the network on the outside.  Right now I can not ping my outside IP's from the DMZ network side.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card