?
Solved

pix , config dmz webserver to talk inside dns server

Posted on 2006-06-17
3
Medium Priority
?
533 Views
Last Modified: 2010-04-09
I'm new to pix and I need my DMZ webserver to talk to my internal dns server. Do I need to create static entry or just
acl. Can you please give example. Thanks
0
Comment
Question by:rxn6057
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 500 total points
ID: 16926892
You have to do both:
Example:

ip address inside 192.168.123.1 255.255.255.0
ip address DMZ 192.168.124.1 255.255.255.0
name DNSSERVER 192.168.123.123
name WEBSERVER 192.168.124.24

access-list DMZ permit udp host 192.168.124.24 host 192.168.123.123 eq 53
access-list DMZ deny ip host 192.168.124.24 192.168.123.0 255.255.255.0
access-list DMZ permit ip host 192.168.124.24 any
static (inside,DMZ) 192.168.123.123 192.168.123.123 netmask 255.255.255.255
access-group DMZ in interface DMZ


0
 

Author Comment

by:rxn6057
ID: 16926941
Irmoore,
So, when traffic is going from low to high I will always need a static and acl entry. Is this correct?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 16926999
Correct. Unless you upgrade to the new 7.x version (only for 515 and higher)
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question