mfoolb@gmail.com
Guest
Posted: Tue Dec 06, 2005 3:51 pm
Post subject: PIX 515E help request
Hi all,
I have WEBSERVER in the DMZ and two application servers on the inside
(AS1 and AS2).
The WEBSERVER accepts HTTP connections from the Internet and then
needs to ask the inside network for data; how do I add this rule to the
following configuration to let WEBSERVER access the two servers AS1 and
AS2 in the inside network?
WEBSERVER: 35.35.35.35
AS1: 192.168.1.100
AS2: 192.168.1.101
Relevant part of configuration:
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 DMZ security4
enable password XXXXXXXXXXX encrypted
object-group service WebServer tcp
port-object eq www
port-object eq https
access-list outside_access_in permit tcp any host A.B.C.19 object-group WebServer log 7
access-list 110 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
ip address outside A.B.C.18 255.255.255.0
ip address inside 192.168.1.1 255.255.255.0
ip address DMZ 35.35.35.1 255.255.255.0
global (outside) 1 interface
global (DMZ) 1 35.35.35.5-35.35.35.20
nat (inside) 0 access-list 110
nat (inside) 1 192.168.1.0 255.255.255.0 0 0
static (DMZ,outside) A.B.C.19 WebServer netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 A.B.C.17 1
Hope I made myself clear.
Thanks in advance,
Marco.
P.S.
Please also reply to my e-mail because I'm not a frequent reader of
the newsgroup.