Hello !
I am doing NAT lab in GNS3 with ASAv & trying to allow web server in "dmz" zone access from "outside" and "inside" zone by using "object nat". But both outside & inside failed access to DMZ's web server. The acls are already in place. I've attached my config as below, kindly advise me the points I'm missing..
#######################################################
ASAv/act/pri(config)# sh ip
System IP Addresses:
Interface Name IP address Subnet mask Method
GigabitEthernet0/0 DMZ 192.168.1.1 255.255.255.0 CONFIG
GigabitEthernet0/1 outside 172.16.32.1 255.255.255.0 CONFIG
GigabitEthernet0/2 inside 192.168.30.1 255.255.255.0 CONFIG
GigabitEthernet0/3 folink-1 10.1.1.1 255.255.255.252 unset
GigabitEthernet0/4 folink-2 10.2.2.1 255.255.255.252 unset
#######################################################
ASAv/act/pri(config)# sh run object
object network Inside-LAN
subnet 192.168.30.0 255.255.255.0
object network DMZ-Zone
subnet 192.168.1.0 255.255.255.0
object network Web-Public
host 172.16.32.100
object network Web-Internal
host 192.168.1.254
#############################################
ASAv/act/pri(config)# sh run | i DMZ-IN|OUTSIDE-IN
access-list OUTSIDE-IN extended permit tcp any host 192.168.1.254 eq 8080
access-list DMZ-IN extended permit icmp any any
access-list DMZ-IN extended permit tcp any host 192.168.1.254 eq 8080
access-group DMZ-IN in interface DMZ
access-group OUTSIDE-IN in interface outside
Regards,
Bob