Cisco :: Accessing Inside PAT From DMZ Network?
Aug 3, 2011
Setup as follows:
Cisco ASA 5510
Inside 172.17.101.249
outside 5.5.5.2
DMZ 192.168.100.1
I have an internal server 172.16.1.202 that is PAT to 5.5.5.103 to allow RDP connections. - This works fine from the internet.I have now been asked to allow our guest wireless (192.168.100.0/24 - DMZ) to access this same external connection.We have 2 cisco controllers, with the guest controller "anchored" in the DMZ.I cannot get this to work.Both the DMZ and inside NAT their internet connections to 5.5.5.2.
View 4 Replies
ADVERTISEMENT
Jul 5, 2011
Got a problem accessing our webservers on the inside interface from other clients on the inside interface on our ASA 5505.As in, they type in url... in their browser, and it wont work.
However, if we use a PC on another outside network, it works just fine! [code]
View 2 Replies
View Related
Mar 31, 2013
I have a PIX 515e running version 7.2(4).I have 2 interfaces - DMZ3 (sec lvl 50) and LAB (sec lvl 100) behind the pix. There is also the OUTSIDE interface (sec lvl 0) which connects to the internet.In DMZ3 I have a webserver - x.x.124.217/24 (host is NATed via static command to public IP)In LAB I have a server - x.x.1.203/24 (entire range is NATed via NAT/Global statements to public IP)The server in LAB needs to access a webserver in DMZ3. From the internet both of these hosts have public addresses that are NATed into the inside addresses. I can reach the webserver from the internet, but not from the LAB interface.I think I have to add a static command so that the LAB host can access the DMZ3 host without accessing the internet.
View 3 Replies
View Related
Oct 30, 2012
Got an ASA5525-X with 8.6 release. We have an inside interface (10.11.1.0/24) and a DMZ interface (10.254.1.0/24). On that DMZ interface theres an SMTP server; by using the Public server feature in ASDM we created a rule so we have mapped the 10.254.1.29 internal ip to an external ip 217.x.x.x Everything is fine; working ok, but for several reasons we need to access the public ip 217.x.x.x from an inside ip (10.11.1.10). I tried to do it by creating an exemption for the dynamic nat; if i don't do that i have a 'deny ip spoof from...' message rolling on my syslogs.Seems to do the trick.....but only for pings! i ping the public ip from the inside ip, and got the reply from the internal ip on the DMZ. But if i want to telnet port 25 from inside to public; its not working.
View 7 Replies
View Related
Dec 18, 2010
I have 2 questions.Om my cisco 2811 (IOS 12.4(15) T9 IPBASE W/O Crypto) i am using 3 interfaces.And i have a pool of Global addresses: 200.x.z.97-200.x.z.126 255.255.255.0
FastEthernet 0/1 description WAN interfaceip nat outsideip address 200.x.y.253 255.255.255.0
GigabitInterface 0/2/0description DMZ interfaceip nat insideip address 10.0.0.1 255.255.255.0
GigabitInterface 0/3/0description LAN interfaceip nat insideip address 192.168.0.251 255.255.255.0
[Code]....
View 8 Replies
View Related
Mar 9, 2011
I am wondering if all routers that have a USB port to which network storage can be attached, support the functionality to enable that storage to be accessed from outside the network. If this is true how (in a conceptual sense) can the router be configured to do this and what are the security implications?
View 2 Replies
View Related
Jun 17, 2011
I am connecting the router to a corporate network that assigns "real" IP to it (DHCP). Then I have 3 computers connecting to this router (local IP 192.168.1.2-4).Assuming I want to access a network drive named "ADrive" (on the same corporate LAN) from any of those 3 PCs, how do I do it? ("\ADrive" does not work, neither does replacing the network drive name with its IP, cannot ping either - it's like I'm on a totally separate network).
View 3 Replies
View Related
May 22, 2011
Q1/ I have 2 WinXP laptops on the network. One is WinXP Pro and one is WinXP HomeIn My Network Places of WinXP Home, it can see the WinXP Pro. In WinXP Pro, I have to do a search of the WinXP Home computer in order to detect its existence. WhyQ2/ In both systems, when I tried to access the other computer, a popup screen asked for password. I keyed in the proper password, but I cannot access the computer on the network. I repeatedly keying in the password but had the same result. I turned off the firewall on both systems. Same problem existed. On both systems, "File and Printer Sharing" are enabled in the Firewall exception. And on both systems, I can ping the other system without any problem
View 4 Replies
View Related
Jun 1, 2011
I have 2 computers connected in a LAN. I want to access the other computer through the main one.I do have shared folders (homegroup), but I would like to know how I can get complete access to the other computer via command prompt maybe?
View 4 Replies
View Related
Nov 29, 2012
how to prevent one network fro accessing another network by iptable
View 1 Replies
View Related
Nov 16, 2011
have a home network and access it thru an ATT wireless router. I also have a wireless printer but unable to access it vis the network. I ran ipconfig. I can see ip address for the router, ie, the Ethernet adapter wireless network connections: IP add, Submask, Default, DHCP Class Id. I also see 'Media State....Media Disconnected' Could this affect not having access to the wireless printer?
View 3 Replies
View Related
May 30, 2011
How do I block a particular IP from accessing my network entirely? I have a hacker with a known IP I want to shut out. I tried creating a DENY inbound filter (with just that IP as the range) but that didn't seem to work. that hacker kept being able to attempt logins.
View 7 Replies
View Related
Aug 22, 2012
If possible I would like to have access to my external hard drive from outside of my network.While in the network my laptop connects to the Hard Drive using the shareport. If I take the laptop with me then I would also have to take the External Drive with me.
View 6 Replies
View Related
Oct 11, 2012
I have an issue with my mail server(SME Server) which is behind a Cisco ASA 5500(firewall) problem is that if one leaves my network they can receive but can not send email via my SMTP also internal people can only send if they use the IP address of the server rather than the domain [URL]
here is my layout
ISP - ASA 5510 - LAN (includes mailserver)
View 7 Replies
View Related
Mar 28, 2012
I can not access Windows Live Messenger, it will not connect. I can visithotmail.com but not delete or send any e-mails. It says Hotmail is not responding.I can also not access Windows Update. When I search for updates it comes back with error 80072EE2. I also have problems accessing secure websites where I need to pay for something, e-Bay, paypal, make payments off Credit Cards etc.However I can access all websites on my iPhone over the same Wi-Fi. I took the same laptop to 2 other addresses and it works fine at both and able to access all webpages etc!I am running Windows 7 and have tried IE, Safari and Firefox, all with same problems. I am with o2 home broadband and have been with them for years with no problems. I have replaced the router, and have another new router on the way, but am expecting the same problems!
View 1 Replies
View Related
Nov 24, 2011
I'm trying to setup a server with two nics, one of which is connected to the network, and the other connected to a NAS via crossover. I've never done anything with subnetting, but I was thinking I could just set the main nic to 192.168.10.20 with a subnet of 255.255.255.0 and the other to 192.168.10.250 with a subnet of 255.255.255.240 and the nas nic set to 192.168.10.251
Am I thinking through this right, or is there a better way to do this?
View 6 Replies
View Related
Apr 7, 2012
i have an unknown pc accessing my home network. How do I delete/remove this pc
View 1 Replies
View Related
Feb 1, 2011
Is there any way to access the router's configuration pages (192.168.0.1) via the Guest wireless network when routing between the zones is disabled?
Here's the story:
I am using my landlords wireless internet, but I administer the router myself. The router is 'upstairs' and i am 'downstairs' and he has his computer plugged into it plus one wireless laptop. He knows nothing about computers and is vulnerable to downloading viruses (and other ****) and I don't want my computers to be on the same 'network' as his.
I had a brilliant idea that since I am 100% wireless, I can make a guest network, put all my computers on that network and disable routing between them. Now all of my computers (some connected through a wireless bridge) can not see his computers at all (perfect!). The only problem now is I can no longer access the router config pages at 192.168.0.1!
Is there any way I can segregate my computers from his and also access the router config? I've tried accessing the WAN IP for the remote admin pages from inside the NAT, but it still blocks it.
View 6 Replies
View Related
Sep 10, 2012
we have a router with voip phones but no wifi, so i installed a separate wifi router but its ip is 192 range while the LAN is 10.1.1x range, how can i set it up so wirelessley connected PC's have access the file share and internet?
View 5 Replies
View Related
Feb 23, 2011
i'm getting "general network error" while accessing application from server..
client machine: Windows 7
server machine: Windows 2008 server
Switch : 24 port unmanaged D-Link switch ..
network cable: CAT-5 cable.
View 1 Replies
View Related
Aug 7, 2011
I've got the below setup, have the wrt320 setup as a switch / wifi ap, i'm totally unable to access its management page from pc1 but am able to via pc 3, why is this, how can i get around this? Routing? Also am unable to access pc3's resources from pc1..When i enter the ip of the wrt320 it thinks about it and before it has come up with the user/password screen but it soon dissapears and firefox comes up with a "Unable to connect Firefox can't establish a connection to the server at 192.168.0.2." message.
View 1 Replies
View Related
Jul 15, 2012
Just upgraded my system. I am using D-Link 615 as access point hardwired LAN to LAN to ActiveTec MI424WR N capable Verizon Fios Wireless Modem/Router. The Fios Router is set up with WPA2 security. Intend on having three 615s as Access Points off of ActiveTec. Have a number of wireless devices accessing the network. Have followed instructions from manual to use 615 as Access Point, disabling UPnP and the DNCP Server function on the 615. My ActiveTec IP address is 192.168.1.1 and I changed the 615 to 192.168.1.50. I can type this IP address in my browser and get to the 615 set-up.
I have tried a couple different options in naming the SSID on the 615 set-up. If I name the SSID on the 615 the same as the ActiveTec router, when I go to Connect to a wireless signal where there is overlap, there are two signals that one can connect to, named the same SSID, the Fios is WPA2 secured and the 615 is not. Shouldn't these all be on one SSID? It seems that I have two different networks (different SSIDs) instead of one (rather than the 615 simply serving as an extension of the Fios router as a wired remote access point) with different security protocols (WPA2 and None). The SSID name almost seems meaningless. If I name the 615 SSID the same as the Fios router SSID or something different, I still have the option of selecting one SSID that is secure and one that isn't. If I try to connect to the SSID name associated with the 615 I can get on without providing a password.How do I make it so that one can walk around and go from one area to the next and seamlessly move to the best signal? I did read to select different sets of channels for each access point.
View 3 Replies
View Related
May 17, 2011
I recently upgraded from Linksys WRT54G to D-Link DIR-655 firmware version 2.0. All the features are working as advertised however i am having difficulties accessing UPnP services in my network. I have a Samsung 55" internet enabled TV connected to the router and also have few devices that can stream over UPnP to the TV. The option to enable the UPnP is enabled in the router configuration however its not finding devices in the network ... comparing that with Linksys ... all i had to do is enable the UPnP and all my devices discovered each other and started streaming without any issue. What do i need to do in D-Link to enable the UPnP devices ...
View 14 Replies
View Related
Nov 25, 2011
I'm trying to configure hairpinning on my Cisco 887VA VDSL router, so all LAN users can connect to the server using SMTP port 25 which is also in the same LAN subnet, using external router address, which is assigned to dialer1 interface.Traffic comming in from outside works fine.
External IP: 1.1.1.1/29
PC address connecting to the server: 192.168.101.28
Server address: 192.168.101.200
IOS: 15.1.4M1
[code]....
I'm running tcpdump on the server on port 25 and... nothing happens. The traffic is not going through.One thing that I've notices in debug ip packet is this line:
s=1.1.1.1 (Vlan1), d=192.168.101.200 (Vlan1), len 52, rcvd local pkt
shouldn't source be internal vlan1 IP - 192.168.101.1?
View 3 Replies
View Related
Apr 24, 2013
I have a Cisco ASA 5505 with the base License. I want to split my network and add a new Internet Access, the first network in Orange works fine. My question is how can i access the file server from the second network (192.168.X.0 /24) ? The 3 switches are Cisco SF300-24P.
View 7 Replies
View Related
Jul 1, 2012
I have a simple isp topology built in GNS3, for testing (pppoe) dialers:cisco router(R1) connected to my pc network card, doing NAT translations for all the devices in the topology.I know how to configure NAT for spesific ip range, but i can't find out how to configure NAT for networks which are learned through ospf (or any other dynamic way).
View 2 Replies
View Related
Jul 29, 2011
I have a 5505 with the security plus license. I have a web server in the DMZ that needs to talk with a server on the inside network but it doesn't seem to be able to. Im guessing there is something I need to do to enable the DMZ to talk to the inside network.
Here is the config.
[code]...
View 1 Replies
View Related
Jun 25, 2012
I have setup a few Vpn clients but no ones able to access the inside network.The clients all get a Ip address from the pool and DNS servers Ip's. But cannot ping or connect to there pc's. I'm thining its somewhere in the ACL.
View 2 Replies
View Related
Nov 29, 2011
i have cisco asa 5505 Security adaptive firewall. my inside network is 192.168.1.0 255.255.255.0 . i want to add static route another network i have that network id is 192.168.2.0 . 255.255.255.0.how i can add the route.
View 9 Replies
View Related
Apr 16, 2012
I have an ASA 5510 which works great except I'm unable to connect to the remote access VPN from inside the network (behind the ASA). Is there a special NAT exemption required? [code]
View 6 Replies
View Related
Feb 8, 2013
I want to transfer big fiiles from PC to another PC, and it has happened frequently, I was wondering is there any way that I can send them directly with high speed if they are connected to the same router (my Router),I got an Desktop with Windows 8 64bit.The target PC (to transfer files) Laptop Windows 7
View 2 Replies
View Related
Jun 13, 2011
I'm the IT Manager for a Small Non-Profit Organization(facilitating build homes, giving education, health care for the poor).All computers are connected to a network through a Linksys E1000 Wifi Router and I would like to access all computers remotely especially when I'm on my site visits or when I'm not in the office. Is there a way for me to join the network even if I'm outside the office.
View 5 Replies
View Related
Feb 10, 2011
I'm just new with ASA. I'm just self-studying on it. I was tasked to have an ACL that will allow inside hosts to access a specific network. Is there a way on how to know all the inside hosts on the behind ASA so that I can do a "object-group network" on those inside hosts which I think it will look neat.
View 1 Replies
View Related
