Access to Dmz from remote inside network.

dcristoni · ‎12-16-2003

I have a remote network connect with inside network of the Pix through 2 Router with serial Wan.

Can i connect remote host of remote network with Dmz Server??

Thanks.

mostiguy · ‎12-16-2003

IF the routers are all connected via the inside interface of the PIX, then they should be able to access DMZ resources in the same fashion that users directly connected to the inside interface can. If they cannot:

1. there could be a routing problem with those 2 routers - they might need a static route to be able to talk to the dmz.

2. there could be an access-list bound to the dmz interface of the pix that limits what traffic the dmz hosts can send through the pix - this could be limited to the ip block used by the directly connected inside interface hosts.

I would check both the pix config, and test for routing issues. I would look at what services should be available to those users, and test at each network hop.

dcristoni · ‎12-18-2003

Unfortunately router to my remote network use Eigrp routing.

I can't connect remote host of remote network with Dmz Server.Have you a solution???

Thanks.

haleemk · ‎01-19-2004

Dear dcristoni,

Did u get over your problem ?? if not

in this case you can enable usual nat and global to go to DMZ server.I assume EIGRP is correctly configured to reach at least Pix inside interface.

nat 5 x.x.x.x x.x.x.x (your so called remote network IP and mask )

global 5 x.x.x.x (DMZ server range ip)

Cheers and good luck !!!

Haleem