dee_nz asked:

Firewall rule to allow access to new subnet

Hi,
Can someone please help me with this? I can’t seem to get my firewall rule to work.
We have an existing network 153.87.180.0 and I want to allow a new subnet 172.24.0.0 to access servers on this network. I have added this rule (using Cisco SDM):

permit source network 172.24.0.0 mask 0.0.255.255 protocol ip destination network 153.87.180.0 mask 0.0.0.255

But I still can’t ping a computer on the 172.24.0.0 network from the 153.87.180.0 network? What have I missed?
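
An added example, not part of the original thread: a first-match evaluation of the single permit entry quoted in the question, using Cisco wildcard-mask semantics, to show which direction of a ping it matches. The host addresses are constructed, and the sketch assumes this entry is the only one in the list; it does not model NAT or which interface and direction the list is applied to.

```python
import ipaddress

def wildcard_match(addr, network, wildcard):
    """Cisco wildcard match: bits set in the wildcard are 'don't care' bits."""
    a = int(ipaddress.IPv4Address(addr))
    n = int(ipaddress.IPv4Address(network))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (n & care)

# The entry from the question: (action, src net, src wildcard, dst net, dst wildcard).
# Protocol is "ip", so every IP packet (ICMP included) is judged on addresses alone.
RULE = ("permit", "172.24.0.0", "0.0.255.255", "153.87.180.0", "0.0.0.255")

def mirror(rule):
    """Return the same entry with source and destination swapped."""
    action, sn, sw, dn, dw = rule
    return (action, dn, dw, sn, sw)

def evaluate(rules, src, dst):
    """First match wins; an unmatched packet hits the implicit deny ending every ACL."""
    for action, sn, sw, dn, dw in rules:
        if wildcard_match(src, sn, sw) and wildcard_match(dst, dn, dw):
            return action
    return "deny (implicit)"

def ping_verdicts(rules, pinger, target):
    """Verdicts for the echo request (pinger -> target) and the echo reply."""
    return {
        "echo-request": evaluate(rules, pinger, target),
        "echo-reply": evaluate(rules, target, pinger),
    }

# Constructed sample hosts, one in each network from the question.
OLD_HOST = "153.87.180.10"
NEW_HOST = "172.24.1.20"

if __name__ == "__main__":
    # Ping as tested in the question: from the 153.87.180.0 side to the 172.24.0.0 side.
    print("entry as written:", ping_verdicts([RULE], OLD_HOST, NEW_HOST))
    # Same ping when the list also carries the mirrored entry.
    print("with mirror     :", ping_verdicts([RULE, mirror(RULE)], OLD_HOST, NEW_HOST))
```
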
fritz5150:

You will also have to set up a NAT exempt statement to allow access.
For the traffic traveling from public to private IP ranges (when you ping from the 153 range to the 172.24 range), you will have to do a NAT, and that too a static NAT. From a public network you cannot ping a private IP.
dee_nz (ASKER):

Hi, thanks for your comments.
Can you please give me an example of a nat exempt rule that would allow the 153.87.180.0 network access to the 172.24.0.0 network?
dee_nz (ASKER):

Found my own solution, thanks.