Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
3
Replies

Having trouble connecting from dmz to outside

malam1969
Level 1
Level 1

‎06-17-2015 11:15 PM - edited ‎03-11-2019 11:08 PM

Hello:

We have a Cisco ASA 5512 running software version 9.1(1)

I am trying to connect from a host in the dmz to the outside and from outside to the host in dmz. I thought its a pretty straight forward configuration, but for some reason, my pings from the dmz host to the outside is not successful. If you can take a look at the configuration below and let me know what i am missing, i would surely appreciate it. 

Thank you in advance.

NAT configuration:

object network DMZ-subnet
 subnet 172.23.11.0 255.255.255.0
 nat (DMZ,outside) dynamic interface
object network DMZ-host-EXT
 host X.X.46.171
object network DMZ-host-INT
 host 172.23.11.11
 nat (DMZ,outside) source static DMZ-host-INT DMZ-host-EXT

 

Access-list:

access-list outside_access_in extended permit ip any object DMZ-host-INT
access-group outside_access_in in interface outside

 

Labels:
0 Helpful
3 Replies 3

Henrik Grankvist
Level 4
Level 4

‎06-17-2015 11:50 PM

Hi

The only thing I see is that "DMZ-host_INT" needs to be removed from the NAT-statement.

object network DMZ-host_INT
 nat (DMZ,outside) source static DMZ-host-EXT
0 Helpful

johnlloyd_13
Level 9
Level 9

‎06-17-2015 11:54 PM

hi,

the info you gave is insufficient.

able to post sanitized config?

0 Helpful

Adeolu Owokade
Level 1
Level 1

‎06-18-2015 06:09 AM

Are you inspecting ICMP in the default MPF configuration?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card