About ashish_kandari

ashish_kandari · 08-06-2010

I have a scenerio, my outside and inside network are connected via inside interface of my firewall pix. And dmz is connected via dmz. Inside has security level 100 and dmz has 40,from dmz i can access inside lan, but not able to access internet. KIn...

ashish_kandari · 08-06-2010

i can check that, but for that i will need down time... as some connection will also drop.. second thing.... for traffic from lower to higher security level, dont we need static nat. ......

ashish_kandari · 08-06-2010

static (dmz,inside) 10.0.0.0 10.1.1.1 netmask 255.255.255.255This is becoz..dmz and inside are using approx same kind of ip range means.. 10.*.*becoz of this command access from dmz to inside is possible, but not towards internet......In my firewall ...

ashish_kandari · 08-06-2010

but i dont have any outside interface configured.....Outside- router---inside --firewall---dmz.Outside and inside are on same side of firewall...this config :global (outside) 1 interfacenat (inside) 1 0.0.0.0 0.0.0.0nat (dmz) 1 0.0.0.0 0.0.0.0I thnk ...

ashish_kandari · 08-06-2010

static (inside,dmz) 10.0.0.0 10.0.0.0 netmask 255.0.0.0 0 0static (dmz,inside) 10.0.0.0 10.1.1.1 netmask 255.255.255.255 0 0nat (dmz) 2 10.2.1.2 255.255.255.248 0 0nat (dmz) 2 10.2.3.0 255.255.255.224 0 0nat (dmz) 2 10.7.1.32 255.255.255.224 0 0globa...

ashish_kandari · 03-04-2010

Pointnat (inside) 0 access-list inside_nat0_outboundaccess-list inside_nat0_outbound extended permit ip host 1.1.1.1 10.6.25.0 255.255.255.0Means Source 1.1.1.1 to 10.6.25.0 ( no nat)But it is givcen like this :static (outside,inside) 10.6.25.2 192.1...

Member Since	‎03-04-2010 04:49 PM
Date Last Visited	‎08-18-2017 03:54 AM
Posts	6

User Statistics

User Activity

Access from dmz to internet, where internet and inside lan are on same interface

Re: Access from dmz to internet, where internet and inside lan a

Re: Access from dmz to internet, where internet and inside lan a

Re: Access from dmz to internet, where internet and inside lan a

Re: Access from dmz to internet, where internet and inside lan a

Re: NAT clarification