Solved

Cisco ASA DMZ question

Posted on 2007-04-11
8
722 Views
Last Modified: 2008-01-09
We are using the CIsco ASA 5505 IOS version 7.1(1) We have created a DMZ however are unable access the DMZ from the inside?  So for example our DMZ is 10.1.3.X and our internal network is 10.1.4.X. I am able to ping a computer 10.1.3.9, however I can not reach it via http://10.1.3.9.

Thanks

0
Comment
Question by:jbuddy
  • 3
  • 3
8 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18899190
Do you have any access-lists applied on the inside?

Do you have both dmz and inside on the same security level?

If both are not; then we would need to see your configuration.

Cheers,
Rajesh
0
 

Author Comment

by:jbuddy
ID: 18907542
The inside security interface is set at 100 the DMZ is set at 50. If I put an ACL allowing ICMP I can ping the server at 10.1.3.9, however if I try to allow any, only ping still works I cannot contact the webserver at port 80 or rdp.

Thanks
0
 

Author Comment

by:jbuddy
ID: 18907621
And only 2 implicit rules exist on the inside interface
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 32

Expert Comment

by:rsivanandan
ID: 18909457
Ok, can you post a sanitized configuration here (remove passwords and first octect of public ip addresses)

Cheers,
Rajesh
0
 

Accepted Solution

by:
jbuddy earned 0 total points
ID: 20488197
I had to add 2 implicit rules to allow access
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 20489894
JBuddy,

  Isn't it after looking at my first post you realized that you need to have allow access in your access-list? Why are you closing the question like this?

Cheers,
Rajesh
0
 
LVL 1

Expert Comment

by:modus_operandi
ID: 20517467
Closed, 500 points refunded.
modus_operandi
EE Moderator
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
OnPage: Incident management and secure messaging on your smartphone
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question