Re: [fw-wiz] DMZ to INSIDE Communication



So you weren't running into the issue of the base license not allowing
DMZ initiated traffic to the inside network?

"With the Base platform, communication between the DMZ VLAN and the
Inside VLAN is restricted: the Inside VLAN is permitted to send traffic
to the DMZ VLAN, but the DMZ VLAN is not permitted to send traffic to
the Inside VLAN."

http://cisco.com/en/US/docs/security/asa/asa72/getting_started/asa5505/quick/guide/vlans.html#wp1101628

Anthony

chris mr wrote:
Thanks for your help...

I had to add another static into the ASA and ACL on DMZ in.

mail.domain.com = 12.x.x.x
EXCHANGE1 = natted ip of Exchange on inside

static (inside,DMZ) tcp 12.x.x.x smtp EXCHANGE1 smtp netmask 255.255.255.255


____________________________________________________________________________________
Don't let your dream ride pass you by. Make it a reality with Yahoo! Autos.
http://autos.yahoo.com/index.html



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: [fw-wiz] DMZ to INSIDE Communication
    ... Chris, you've confused the idea of a real IP vs a NAT IP. ... DMZ and inside networks. ... communication between the DMZ VLAN and the ...
    (Firewall-Wizards)
  • Re: STP, VLANs redundant router problem
    ... > A device plugged into a DMZ port on 5324.1 can not access other devices with ... > the DMZ VLAN but connected to one of the other 5324's. ... on another switch is weird because there should be no router ...
    (comp.dcom.lans.ethernet)
  • Re: [fw-wiz] DMZ to INSIDE Communication
    ... I had to add another static into the ASA and ACL on DMZ in. ... EXCHANGE1 = natted ip of Exchange on inside ... Don't let your dream ride pass you by. ...
    (Firewall-Wizards)