?
Solved

Allow access via DMZ to addresses assigned to another ASA interface

Posted on 2010-11-26
4
Medium Priority
?
407 Views
Last Modified: 2012-05-10
Hi,

I've configured wireless access through our ASA 5510 using the manner described here:

http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_23451240.html

Everything works great, however I need to let clients on the wireless interface access the outside addresses assigned on another interface on the ASA.

I haven't been able to figure out how to do this. How do I let clients accessing from one interface get to the services hosted on another?
0
Comment
Question by:PaulELS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 4

Expert Comment

by:ullas_unni
ID: 34219404
if i understood correctly then you want your dmz users to access resources in the inside lan network?
0
 
LVL 2

Author Comment

by:PaulELS
ID: 34219662
No, not quite. I want the DMZ users to be able to access public resources that are available through the outside interface.

For example:

AAA.AAA.AAA.AAA = Outside IP = webmail.example.com

I want a user on the DMZ to be able to access public IP AAA.AAA.AAA.AAA which is on the outside interface to access webmail.example.com.
0
 
LVL 2

Accepted Solution

by:
PaulELS earned 0 total points
ID: 34219723
I did some more testing and got this to work with the following.

object-group service webmail tcp
 port-object eq www
 port-object eq https
access-list wirelessdmz_access extended permit tcp any host AAA.AAA.AAA.AAA object-group webmail
0
 
LVL 2

Author Closing Comment

by:PaulELS
ID: 34246381
Solution posted.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question