03-04-2011 10:53 AM - edited 03-06-2019 03:53 PM
Have a routing issue, trying to setup FTP site in DMZ. The route will work outside via the gateway, but I can't get to the DMZ unless I change the the gateway to the inside FW IP address. So, I try and ping the FTP server and get no reply when Gateway is the Outside FW. When I change the IP of GW on the server to the inside FW address I can get a reply. I need to make a route here somewhere, just not sure where. Any ideas?
03-04-2011 10:58 AM
Hi Lewis,
can you provide everyone here with a topology + ip addressing structure and explain a little more on what are you trying to do ? I would make everyone's life a little easier on understanding the issue and thereby helping you out.
Manish
03-04-2011 11:04 AM
The topology is front firewall, dmz, back firewall, isa, layer 3 internal. The DMZ IP is say 11.10.1.1 . Internal is 192. The outside FW is being used as the GW on the FTP. However, I can't ping or RDP to the server with that address internally. I can if I set the IP to the internal FW for the GW address. Make more sense now?
03-04-2011 11:26 AM
Assuming I get this right, your FTP server is in the DMZ, right? So, why not use the DMZ interface IP (11.10.1.1) as your gateway? I'm kinda cloudy with your topology description, though.
03-04-2011 11:29 AM
You want me to use the IP address as the Gateway address?
03-04-2011 11:35 AM
As I said, I'm not sure I understand your topology. Provide something like this (sample)
Internet --------> outside (x.x.x.x) ----------> DMZ (y.y.y.y) ------------> FTP server (z.z.z.z)
This will make your situation easier to visualize. Just a suggestion.
03-04-2011 12:37 PM
Your topology is correct. I think I may have answered my own question, two nics. With two nics the inside and outside will be able to be accessible. I am going to give that a shot.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide