Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1076
Views
0
Helpful
1
Replies

PIX 525

abbas.ali
Level 1
Level 1

‎03-15-2002 11:25 PM - edited ‎02-20-2020 10:00 PM

Hello All,

I have a dmz interface running on network 192.168.2.0 and inside network running on 192.168.1.0. I want all of my devices on dmz to connect to devices on inside network. What conduit commands I could use in conjuction with the command below to open the whole network from dmz to inside.

static (inside, dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0

0 Helpful
1 Reply 1

bdube
Level 2
Level 2

‎03-16-2002 08:53 AM

Hi,

That kind of configuration is completely unsecure. What you want, is opening completely your internal network from DMZ, and this one, by definition, is open to the Internet, then internal nets will be open to the Internet through DMZ servers. Of course, it's possible to do that, but you shouldn't. But, if you absolutely want that config, move your servers to inside and kill your DMZ network, you don't need it anymore. Don't forget, F/Ws aren't miracle box against hackers. They just filtered out some attacks based on the security you have configured on it. Then, f/w is as good as the person who has configured it.

If you want some advices on this subject, you can contact me directly.

Ben

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card