education-dynamics
asked on
Cisco ASA DMZ question
I have 2 questions:
So we are setting up a new ASA and we are having trouble with the inside network (10.0.0.0/8) network accessing the DMZ (22.22.22.0/24) network. Hosts on the inside network are not able to ping or reach any device on the DMZ subnet. How can we fix this issue because we get a rpf error when using Packet-tracer to see why this is not reaching its destination on the DMZ?
2nd question, how would we go about setting up a NAT overload to use a public IP to mask the address range of internet users on the inside network?
Thanks for your help, i have attached our config to this request
ASA-SampleConfig.txt
So we are setting up a new ASA and we are having trouble with the inside network (10.0.0.0/8) network accessing the DMZ (22.22.22.0/24) network. Hosts on the inside network are not able to ping or reach any device on the DMZ subnet. How can we fix this issue because we get a rpf error when using Packet-tracer to see why this is not reaching its destination on the DMZ?
2nd question, how would we go about setting up a NAT overload to use a public IP to mask the address range of internet users on the inside network?
Thanks for your help, i have attached our config to this request
ASA-SampleConfig.txt
Hosts on the inside network are not able to ping or reach any device on the DMZ subnet.
policy-map global_policy
class inspection_default
inspect icmp
policy-map global_policy
class inspection_default
inspect icmp
ASKER
Thanks for answering PeteLong, I added your commands in the config and still cannot ping into the DMZ.
Any other ideas?
Any other ideas?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Cheers Ernie
My pleasure mate :)
object network obj_any
nat (any,outside) dynamic interface