DMZ Servers - Can't Get to Internet

[newnet22]

Firrst of all, please forgive me if this question is in the wrong section. I wasn't sure where to post.

I am a total newbie at the networking side of things. I've been reading as much as I can, ever since I was put into this position (since our last net engineer left).

We had a completely new network put in place about a month ago. The only testing we didn't do, was to test our DMZ servers having access to the internet (for MS updates etc). We have two 7k Nexus cores that route all web traffic to an IronPort WebProxy appliance via WCCP. We also have 2 ASA's contain web proxy extended ACL. Our internal servers can access the internet without any problelm. I've looked at all of the firewall rules, and the problem doesn't seem like it's with the firewall rules. I'm thinking it's a routing issue. I've checked the config on the firewalls, and do see that there is a route to our internal core. However, I do not see a route from the core back out to the DMZ. I'm not sure if that's the problem or not. I'm kind of hesitant to make any chances, or add any routes. Again, being a newbie sucks!

Please let me know if you'd like to see a posting of my ASA, or 7k running configs. Also, thank you for any help with this.

 

[unclerico]

it could be a routing issue, but then again if the proxies are located on the "inside" of the ASA's then perhaps there is an issue with the ASA configs.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)