Internet access
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2013 11:33 PM - edited 03-11-2019 06:32 PM
Hi,
Port forwarding done to a DMZ located server on the cisco ASA 5520. Now this host cannot browse but allowed outside to inside access is possible.
Here is the configs done for this.
Inbound ACL
===========
access-list outside_access_in extended permit tcp any host 94.20.*.* eq ftp
access-list outside_access_in extended permit tcp any host 94.20.*.* eq ftp-data
access-list outside_access_in extended permit tcp any host 94.20.*.* eq www
Inbound static nat
==================
static (DMZ,OUTSIDE) tcp 94.20.*.* ftp-data FTPserver ftp-data netmask 255.255.255.255
static (DMZ,OUTSIDE) tcp 94.20.*.* ftp FTPserver ftp netmask 255.255.255.255
static (DMZ,OUTSIDE) tcp 94.20.*.* www FTPserver www netmask 255.255.255.255
Is there anyway i can give this system to browse internet? may be through the natted IP ( 94.20.*.*)
Thanks
- Labels:
-
NGFW Firewalls

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2013 01:30 AM
Hi you can use the packet-tracer command to have a look what the ASA is thinking might give you an idea.
Hth
Sent from Cisco Technical Support Android App
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2013 04:15 AM
Browsing issue has been resolved by Pating the outbound access from this host.
