Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
653
Views
0
Helpful
2
Replies

Enabling DMZ interface

Lavanholy
Level 1
Level 1

‎04-14-2009 04:48 AM - edited ‎03-11-2019 08:17 AM

Hi,

I have Cisco ASA5510 ,and configured the interface 0/0 as a OUTSIDE and assigned an IP address,interface 0/1 is assigned as a INSIDE and assigned an IP address,I have configured the interface 0/3 as a DMZ ,and assigned an IP address and NATTING and done properly,still I am not able to access the internet from teh DMZ zone,where as we are able to access the internet from teh INSIDE zone.

Is there any license issue to enable the DMZ?Please help me

Regards,

Labels:
0 Helpful
2 Replies 2

acomiskey
Level 10
Level 10

‎04-14-2009 04:52 AM

Post your config.

0 Helpful

Lavanholy
Level 1
Level 1
In response to acomiskey

‎04-14-2009 06:11 AM

Please see below the configuration:

ASA Version 8.0(4)

!

hostname ciscoasa

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface Ethernet0/0

nameif OUTSIDE

security-level 0

ip address 202.169.212.81

255.255.255.248

!

interface Ethernet0/1

nameif INSIDE

security-level 100

ip address 172.20.0.1 255.255.0.0

!

interface Ethernet0/2

nameif DMZ

security-level 50

ip address 192.168.2.1 255.255.255.0

!

interface Ethernet0/3

shutdown

no nameif

no security-level

no ip address

!

interface Management0/0

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0

management-only

!

ftp mode passive

dns domain-lookup OUTSIDE

dns server-group DefaultDNS

name-server 193.88.97.197

name-server 193.88.97.212

pager lines 24

logging asdm informational

mtu OUTSIDE 1500

mtu INSIDE 1500

mtu DMZ 1500

mtu INSIDE 1500

mtu DMZ 1500

mtu management 1500

no failover

icmp unreachable rate-limit 1 burst-size 1

asdm image disk0:/asdm-613.bin

no asdm history enable

arp timeout 14400

nat-control

global (OUTSIDE) 1 interface

nat (INSIDE) 1 172.20.0.0 255.255.0.0

nat (DMZ) 1 192.168.2.0 255.255.255.0

route OUTSIDE 0.0.0.0 0.0.0.0 202.169.212.82 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

dynamic-access-policy-record DfltAccessPolicy

.

.

.

.

.

Please go through the above configuration and do the needful.

Regards,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card