I have a internet router with 3 interfaces:

- 1 WAN

- 1 DMZ (192.168.2.1) - servers 192.168.2.10/11/12/15

- 1 LAN (192.168.1.1)

Furthermore I have a Cisco CRS1000v internal router with also 3 interfaces:

- 1 LAN (192.168.1.2) - outside

- 1 SQL (192.168.3.1) - inside - servers 192.168.3.10/11/12

- 1 WIN (192.168.4.1) - inside - servers 192.168.4.10

I have an internet connection from SQL and WIN to the Internet. 

I can ping server from SQL to WIN.

I can ping servers from WIN to SQL.

I can ping servers from SQL and WIN to DMZ

But I cannot ping servers from DMZ to WIN or SQL. Tracert stops at 192.168.2.1 (LAN outside interface Cisco)

What am I missing here?

Enclosed you will find my running-config.

Any help would be appreciated and many thanks in advance.

Kind regards,

DB