Hi I tried to create a DMZ on my pix (with PDM, I'm nearly a newbie on Pix ).
- there is 2 public addresses used on the outside: - x.x.x.220 for nat from inside - x.x.x.219 for nat from DMZ My public network is x.x.x.192 to x.x.x.222 (masq is 255.255.255.224 )
On the DMZ there is one web/mail server 192.168.2.22 The inside network is 192.168.1.0
- I can reach the web from inside
- I can reach my DMZ http server from inside using the private adresse of the DMZ
- I can reach my http server from outside (anywhere on the web, there is a translation from x.x.x.219 to 192.168.2.22 )
But here is the problem : if I use the public address (x.x.x.219) from inside, I can't reach my http server (or any service like ssh, mail, etc ...).
As I know a few on pix, I think I'm missing something .... but what ? an htpp request from inside to x.x.x.219 should go out from x.x.x.221 and be redirected to x.x.x.219, but I don't know how to do, if somebody could help, I will be happy !!!
PS: I don't know if I should have post here or to comp.security.firewalls sorry !