denver218
asked on
Cisco ASA5520 - Servers on the DMZ need access to servers on the internal network
I have a Cisco ASA5510 running version 8.2.5. I put a TAC case in a couple months ago regarding servers on the DMZ being able to access servers on the inside interface. Turns out the problem was NAT. The DMZ network was not able to initiate a connection to the inside network until we configured static NAT to itself or NAT exemption as follows:
static (inside,dmz) 10.4.0.238 10.4.0.238 netmask 255.255.255.255
DMZ network is 192.168.15.0/24
Internal network is 10.4.0.0/20
So if I wanted to access 10.4.0.238 from the DMZ network I had to enter the above command. How do I do this for the whole subnet? Not just a single IP address like above?
ASKER CERTIFIED SOLUTION
ASKER
Thanks. That is what I needed.
ASA 5500 Adding a DMZ Step By Step
Pete
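The subnet-wide form of the two approaches named in the question (identity static and NAT exemption), written for the pre-8.3 NAT syntax of ASA 8.2; this is an added example and not the hidden accepted answer. The ACL names INSIDE_NAT0 and DMZ_IN, the DMZ host 192.168.15.10 and TCP port 1433 are assumptions made for illustration.

```cisco
! Constructed from the addresses in the question:
!   inside 10.4.0.0/20 (mask 255.255.240.0), DMZ 192.168.15.0/24

! Option 1: identity static for the whole inside subnet.
! Remove the single-host entry first so the two statics do not overlap.
no static (inside,dmz) 10.4.0.238 10.4.0.238 netmask 255.255.255.255
static (inside,dmz) 10.4.0.0 10.4.0.0 netmask 255.255.240.0

! Option 2 (alternative to option 1): NAT exemption for inside <-> DMZ.
! INSIDE_NAT0 is a hypothetical name. If "nat (inside) 0 access-list"
! is already configured, add the entry to that existing ACL instead,
! because only one exemption ACL can be bound per interface.
access-list INSIDE_NAT0 extended permit ip 10.4.0.0 255.255.240.0 192.168.15.0 255.255.255.0
nat (inside) 0 access-list INSIDE_NAT0

! NAT only makes the inside addresses reachable from the DMZ. What is
! actually allowed is decided by the ACL applied inbound on the dmz
! interface, so permit only the servers and ports the DMZ hosts need.
! DMZ_IN and port 1433 are hypothetical. If an ACL is already applied
! to dmz, add the entry there: access-group replaces the binding, and
! the implicit deny at the end blocks everything not listed.
access-list DMZ_IN extended permit tcp 192.168.15.0 255.255.255.0 host 10.4.0.238 eq 1433
access-group DMZ_IN in interface dmz

! Verify the translation and the permitted path.
show running-config static
show xlate
packet-tracer input dmz tcp 192.168.15.10 1025 10.4.0.238 1433
```

Widening the NAT rule to the /20 exposes no more than the dmz ACL permits, so the ACL is where access stays limited to the specific inside servers.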