Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

dmz access issue

Status
Not open for further replies.

DV37201

MIS
Dec 21, 2001
19
US
I have a single in the DMZ of my pix. I have a static command tying the public address to the private address of the server, but I realized today that there is no access list allowing traffic to hit the server, I must have removed it at some point. So, I can't figure out why people are still able to access our web server from the outside. I was under the impression an access list or a conduit was necessary for any traffic to cross an interface with a higher security level. Any ideas would be appreciated.

Thanks

Brian
 
yes, thats correct, you do need an access list or conduit. Can you post the config - sounds like you've got a rougue rule there something.
 
Thanks Tony. I figured it out as I was under the delusion that access list for DMZ access had to be tied to the DMZ interface. I was ignoring the access list for the web server that was tied to the outside.

Thanks
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top