Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
872
Views
0
Helpful
1
Replies

Passing traffic from dmz1 to dmz2 using a PIX 515 - IOS 6.22

alan.bird
Level 1
Level 1

‎11-14-2002 02:11 PM - edited ‎02-20-2020 10:22 PM

I have a PIX 515 with 6 interfaces (4 dmz). Users in inside can pass traffic to outside. Internet users can access to a web server in dmz2. But, the web server on dmz2 can't initiate sessions to dmz1.

Dmz1 have a security level of 80 and dmz2 40.

I know that when a session have been originating from a lower security interface to a higher security interface should be a static rule.

Example:

static (dmz1,dmz2) 192.168.2.22 192.168.1.2 netmask 255.255.255.255

access-list acl_dmz2 permit tcp any host 192.168.2.22 eq www

access-group acl_dmz2 in interface dmz2

This is not working in my pix.... any idea?

0 Helpful
1 Reply 1

rgrcommo
Level 1
Level 1

‎11-14-2002 09:25 PM

Does 192.168.2.22 know how to get to 192.168.1.2? Make sure you have a route for that.

-rgrcommo

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card