02-02-2005 06:46 AM - edited 03-09-2019 10:12 AM
I am trying to place public servers such as Web Server, DNS Server and Outside Mail Server in dmz zone using separate dmz interface for each one. I was able to put Web Server successfully in DMZ using static nat. But when I tried putting other servers like DNS and Mail Server using static nat, I couldnt get addresses translated from dmz interface to outside interface.
Inside network: 10.8.0.0/20
Outside network: 63.127.167.192/27
Web-dmz1: 192.168.0.0/24
Dns-dmz2: 192.168.1.0/24
Mail-dmz3: 192.168.2.0/24
I have attached the current running configuration from Cisco PIX 515E.
Current status: Inside network is behind firewall and is PATed. VPN is working fine Web Server is placed in DMZ zone and outside people can access it, but not internally.
I have attached the running-config of PIX 515E....
I would appreciate if anyone could help me in this problem.
Thanks,
Mayur Shah (Network Analyst)
02-02-2005 11:42 AM
sorry the config is not attached, could you make sure you have all the static and access-lists in place
02-02-2005 12:21 PM
02-02-2005 01:39 PM
seems like the inside is not able to access dmz networks. these are the commands you need to add into your pix firewall
global (web-dmz1) 10 interface
global (dns-dmz2) 10 interface
global (mail-dmz3) 10 interface
global (citriz-dmz4) 10 interface
thanks
Nadeem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide