Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DMZ to inside

Status
Not open for further replies.
bobm10

bobm10

IS-IT--Management
Aug 28, 2003
5
US
If I do the following, will machines in DMZ1 have port 80 access to machines in the inside or just on the outside?

nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz1 security50
access-list In_dmz1 permit tcp any any eq www
access-group In_dmz1 in interface dmz1

Now if I add the static below will the DMZ now have access to the inside?

static (inside,dmz1) 192.168.1.0 192.168.1.0 netmask 255.255.255.0 0 0

Thanks Bob
 
Sort by date Sort by votes
Just the inside, because there's no translation for going to the outside interface. Also, to go from the dmz1 to outside, the translation entry would be all that's required since the source interface is a higher security level than destination interface.

But, you're kind of defeating the purpose of having a firewall if you're just going to allow any tcp connection from a lower security interface to a higher one.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
292
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
307
Johnkite
Johnkite
sudhakar346
  • Locked
  • Question
Cisco ASA inside to DMZ issue over public IP
Replies
2
Views
102
kythri
kythri
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
251
nnaarrnn
nnaarrnn
Russtoleum
  • Locked
  • Question
Windows client can't connect to sonicwall l2tp server
Replies
0
Views
85
Russtoleum
Russtoleum

Part and Inventory Search

Sponsor

Back
Top