01-12-2009 09:21 AM - edited 03-09-2019 09:57 PM
I am running a pair of FWSM with version 3.2 code with multiple firewall contexts. I have one context set up as a DMZ (x.x.153.32/27) and another as an application vault (10.x.233.0.24). The DMZ has public address space and the App Vault has private. I try to get a Citrix server in the DMZ to talk to a presentation server in the App Vault but never get traffic to flow. I have rules that permit IP between the two context IP ranges bi-directionally but still no traffic. Do I need to designate the VLANs so that both contexts see the VLANs in use by the other? I have a common VLAN on the non-hostile interfaces (x.x.152.0/24) which share a common VLAN to my network (VL 152). The hostile areas have different VLANs of course which are designated on their hostile interfaces. I can ping from the firewall context to the individual IP addresses (x.x.153.34 and 10.x.233.34) but not from host to host. I have attached sanitized configurations for both instances.
01-20-2009 06:01 AM