08-06-2007 02:22 AM - edited 03-11-2019 03:53 AM
Good day. It is necessary to make translation of the address between 2 interfaces:
dmz2 security-level 10
dmz1 security-level 40
In dmz2 62.33.x.77 address It is necessary that in a network dmz1 it was accessible to the address of 62.165.y.77 the Command:
static (dmz2, dmz1) 62.165.y.77 62.33.x.77 netmask 255.255.255.255
will solve a task in view?
08-06-2007 02:52 AM
Hello!
Where is your server located dmz1 or dmz2?
The command you mentioned here means the server is located in dmz2 and it has IP 62.33.x.77 and you want to access it from dmz1 using its translated ip, that is 62.165.y.77
is this what you wanted?
Plz rate if this is helpful!
08-06-2007 03:36 AM
My server is in dmz2 and has 62.33.x.77 address. I want, that to it had access from dmz1 to the address of 62.165.y.77, and it could have access in dmz1 with 62.165.y.77 address.
08-06-2007 03:41 AM
Yes, this should work fine if you do not have any access-lists applied to the dmz1, but if you have any ACL's make sure the permission is allowed to the 62.165.y.77 ip...
regards,
08-09-2007 12:43 AM
When i`m ping from host in dmz2 62.33.x.77 host in dmz1 192.168.230.10, I do not receive the answer
in log i'm see
Aug 9 14:23:11 pix-firewall Aug 09 2007 14:23:11: %PIX-3-305005: No translation group found for icmp src dmz2:62.33.x.77 dst dmz1:192.168.230.10 (type 8, code 0)
Why? Sorry for my bad english.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide