Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
231
Views
0
Helpful
1
Replies

Migrating to a DMZ

javierdiaz
Level 1
Level 1

‎08-08-2004 09:25 PM - edited ‎03-09-2019 08:21 AM

Hi..

I have a 515e with three interfaces:

inside: 192.10.200.181

outside 10.20.1.253

DMZ: 172.16.1.1

Originally i had a webserver in the inside network and accessing from internet through a static:

static (inside,outside) 10.20.1.210 192.10.200.210 255.255.255.255

access-list in_web permit tcp any host 10.20.1.210 eq www

access-group in_web in interface outside

This works fine.

I installed a DMZ and move the webserver to this interface wit address 172.16.1.2.I configure a static:

static (DMZ,outside) 10.20.1.210 172.16.1.2

255.255.255.255

access-list in_web permit tcp any host 10.20.1.210 eq www

access-group in_web in interface outside

The problem is that i can reach the webserver from internet.

I check with the command "sh xlate" and i saw that there is a translation from Global 10.20.1.210 to 172.16.1.2 but i can´t see the server.

Any idea what if wrong???

Thanks

JD

Labels:
0 Helpful
1 Reply 1

scoclayton
Level 7
Level 7

‎08-09-2004 06:25 AM

Any chance you can post the output of a 'sh conn detail'?

Scott

0 Helpful
Customers Also Viewed These Support Documents