TRAFFIC Between 2 DMZs

Hi Pros,

I have a problem with traffic in two DMZs. Let's call them DMZ10 and DMZ20. DMZ10 has a security level of 40 and DMZ20 has a security level of 90. By default, the higher sec level is able to access the lower sec level, but if you want the lower sec level to access the higher one, you need to create an access rule. Using the packet tracer, my highest sec level, in this case DMZ20, can't ping any device in DMZ10. The packet tracer shows that the interface of DMZ20 drops the packet. I tried to add an access rule to explicitly permit dmz10; that didn't change a thing. I added a similar rule for dmz10 with no success.

Can someone help me shed some light on this issue?

Thanks,

Paul

mirober2
Cisco Employee

Hi Paul,

Can you please post a copy of your config? We would need to see the ACLs and NAT rules that apply to these interfaces. Also, the full packet-tracer output may help as well (i.e. what step was the packet being dropped on?).

-Mike