Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3187
Views
0
Helpful
16
Replies

How can we allow Internal Network to access DMZ network?

Go to solution
Beginnerrr
Level 1
Level 1

‎11-21-2023 03:50 AM - edited ‎11-21-2023 04:11 AM

Internal-DMZ.png
I am trying to configure the ASA to allow the Internal Network to access web service provided by DMZ web server which is on the DMZ network. Above is my network diagram.

In My ASA configuration.

 

interface e0/0
nameif inside
security-level 100
192.168.20.5 255.255.255.0
 
interface e0/1
nameif dmz
security-level 70
192.168.30.6 255.255.255.0
 
object network internal-network
subnet 192.168.20.0 255.255.255.0
 
object network dmz-server
host 192.168.30.200
 
access-list internal_web_in extended permit ip object internal-network object dmz-server eq www
access-group internal_web_in in interface inside
 
I am unable to access web service on the DMZ server from the Internal PC
 
Please kindly assist.
 
Thank you

 

 

0 Helpful
16 Replies 16

Go to solution
Beginnerrr
Level 1
Level 1
In response to Marvin Rhoads

‎11-21-2023 04:27 AM

I am accessing the server via IP address.

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Beginnerrr

‎11-21-2023 04:40 AM

And you confirmed the items mentioned by @Rob Ingram in his most recent reply?

Have you verified the DMZ server is listening on tcp/80? (use the following command as admin from the server cli: netstat -a | find ":80")

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card