cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1643
Views
1
Helpful
2
Comments
TCC_2
Level 10
Level 10

Resolution

The device in the Demilitarized Zone (DMZ) that needs to be accessed by its natted or unnatted IP address can be accessed with policy natting.

Refer to this example:

access-list tac permit ip host x.x.x.x any

static (dmz,outside) netmask 255.255.255.255
static (dmz,inside)   netmask 255.255.255.255
static (dmz,inside) x.x.x.x access-list tac

For more information, refer to the static command.

Comments

I think this is not a acceptable quality document in any way.

what means that a DMZ can be accesed by its public and private address? from where?

The config is not possible.

manfernandez
Level 1
Level 1

Is the assumption that there is a server in the DMZ that the inside needs to get to on its internal IP and the outside world needs to get to it on the pulblic?

If so, you can nat 0 the traffic from the internal to the DMZ and from the DMZ into the Inside


Also, I beleive Alejabdro is correct in saying that this is not a valid command.  Options are:

configure mode commands/options:
  Hostname or A.B.C.D  Global or mapped address
  interface            Global address overload from interface
  tcp                  TCP to be used as transport protocol
  udp                  UDP to be used as transport protocol

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: