?
Solved

Cisco ASA DMZ question

Posted on 2007-04-11
8
Medium Priority
?
729 Views
Last Modified: 2008-01-09
We are using the CIsco ASA 5505 IOS version 7.1(1) We have created a DMZ however are unable access the DMZ from the inside?  So for example our DMZ is 10.1.3.X and our internal network is 10.1.4.X. I am able to ping a computer 10.1.3.9, however I can not reach it via http://10.1.3.9.

Thanks

0
Comment
Question by:jbuddy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
8 Comments
 
LVL 32

Expert Comment

by:rsivanandan
ID: 18899190
Do you have any access-lists applied on the inside?

Do you have both dmz and inside on the same security level?

If both are not; then we would need to see your configuration.

Cheers,
Rajesh
0
 

Author Comment

by:jbuddy
ID: 18907542
The inside security interface is set at 100 the DMZ is set at 50. If I put an ACL allowing ICMP I can ping the server at 10.1.3.9, however if I try to allow any, only ping still works I cannot contact the webserver at port 80 or rdp.

Thanks
0
 

Author Comment

by:jbuddy
ID: 18907621
And only 2 implicit rules exist on the inside interface
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 32

Expert Comment

by:rsivanandan
ID: 18909457
Ok, can you post a sanitized configuration here (remove passwords and first octect of public ip addresses)

Cheers,
Rajesh
0
 

Accepted Solution

by:
jbuddy earned 0 total points
ID: 20488197
I had to add 2 implicit rules to allow access
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 20489894
JBuddy,

  Isn't it after looking at my first post you realized that you need to have allow access in your access-list? Why are you closing the question like this?

Cheers,
Rajesh
0
 
LVL 1

Expert Comment

by:modus_operandi
ID: 20517467
Closed, 500 points refunded.
modus_operandi
EE Moderator
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question