Hi,
I created a simple PIX setup with inside, outside and DMZ. My inside-to-outside connection is working just fine, and outside to inside also works fine, but outside to DMZ is not working.

global (outside) 1 110.110.110.200-110.110.110.253
global (outside) 2 110.110.110.254
nat (inside) 0 access-list NONAT
nat (inside) 1 10.0.0.0 255.0.0.0 0 0
nat (DMZ) 2 172.16.0.0 255.255.0.0 0 0
access-group OUT_IN_DMZ in interface outside
access-group DMZ_IN in interface DMZ
access-list OUT_IN_DMZ permit tcp host 110.110.110.2 110.0.0.0 255.0.0.0 eq telnet
access-list DMZ_IN permit tcp any any eq telnet
access-list DMZ_IN permit ip any any
access-list NONAT permit ip 10.0.0.0 255.0.0.0 172.16.0.0 255.255.0.0

I did the above config in the PIX to only allow telnet traffic into my inside network and DMZ from outside. Now outside-to-inside telnet is possible with the first host, suppose 110.110.110.200. Unfortunately DMZ to outside works, but outside to DMZ 110.110.110.254 is not telnetting?!
Please help me understand why outside to DMZ does not telnet even though DMZ to outside telnets and outside also gets global address 110.110.110.254!
So, in short:
inside --->outside 10.1.1.2 --- 110.110.110.200 (after NAT) telnet-------> 110.110.110.2 good
dmz----->outside 172.16.1.2 ---- 110.110.110.254(after NAT) telnet ------>110.110.110.2 good again
but
outside ---->dmz 110.110.110.2----110.110.110.254 telnet bad
Thanks in advance. I attached my lab and config with this mail.
Bye,