Re: [fw-wiz] PIX 515E config - DMZ host to inside host

I would simply conifgure the internal subnet to map to the DMZ with no
address translation. So, using "static (internal,dmz) 10.133.24.0
10.133.24.0 netmask 255.255.255.0" would allow the computer at
10.134.1.2 to simply access 10.133.24.3 directly.


--
John


-----Original Message-----
From: Chris Mitchell

PIX newbie here, not really a firewall guy but need to get some stuff
done with it, and am pretty good at basic configs. I have a 515E with 3
interfaces (inside, outside, DMZ)- I need to allow access from a host in
the DMZ to an internal host.

DMZ host - 10.134.1.2
Internal host - 10.133.24.3

====================================================
This email is confidential and intended solely for the use of the
individual or organization to whom it is addressed. Any opinions or
advice presented are solely those of the author and do not necessarily
represent those of the Millward Brown Group of Companies. If you are
not the intended recipient of this email, you should not copy, modify,
distribute or take any action in reliance on it. If you have received
this email in error please notify the sender and delete this email
from your system. Although this email has been checked for viruses
and other defects, no responsibility can be accepted for any loss or
damage arising from its receipt or use.
====================================================

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Relevant Pages

  • Re: [fw-wiz] PIX 515E config - DMZ host to inside host
    ... I know that the config is a bit of a mess, I inherited it from a past ... difficult to do on a production system. ... the DMZ to an internal host. ...
    (Firewall-Wizards)
  • ipf + ipnat + dmz + bridge question
    ... DMZ and one to the LAN. ... I have ipf and ipnat running along with FreeBSD ... inet xxx.yyy.200.106 netmask 0xffffffff broadcast ...
    (freebsd-questions)
  • Multiple NATs PIX 515
    ... I have a PIX with the following Networks ... I currently have a static NAT which allows an outside address direct ... access to the servers in the DMZ. ... I need to add a translation which allows servers in the DMZ access to hosts ...
    (comp.dcom.sys.cisco)
  • Re: natd[]: failed to write packet back (permission denied)
    ... "Kyle" writes: ... > from the DMZ, but I occasionally get this message and I can't get a handle ... > on what is causing it... ... available after the translation). ...
    (comp.unix.bsd.freebsd.misc)