Hi all,
I have WEBSERVER in the DMZ and two application server in the inside (AS1 and AS2).
The WEBSERVER accept http connection from the Internet and than need to ask for data to the inside network; how to add this rule in the following configuration to let WEBSERVER access the two server AS1 and AS2 in the inside network?
WEBSERVER: 35.35.35.35 AS1: 192.168.1.100 AS2: 192.168.1.101
Relevant part of configuration:
interface ethernet0 auto interface ethernet1 auto interface ethernet2 auto nameif ethernet0 outside security0 nameif ethernet1 inside security100 nameif ethernet2 DMZ security4 enable password XXXXXXXXXXX encrypted object-group service WebServer tcp port-object eq www port-object eq https access-list outside_access_in permit tcp any host A.B.C.19 object-group WebServer log 7 access-list 110 permit ip 192.168.1.0 255.255.255.0 192.168.2.0
255.255.255.0 ip address outside A.B.C.18 255.255.255.0 ip address inside 192.168.1.1 255.255.255.0 ip address DMZ 35.35.35.1 255.255.255.0 global (outside) 1 interface global (DMZ) 1 35.35.35.5-35.35.35.20 nat (inside) 0 access-list 110 nat (inside) 1 192.168.1.0 255.255.255.0 0 0 static (DMZ,outside) A.B.C.19 WebServer netmask 255.255.255.255 0 0 access-group outside_access_in in interface outside route outside 0.0.0.0 0.0.0.0 A.B.C.17 1Hope I made myself clear.
Thanks in advance,
Marco.
P.S. Please answer also to my e-mail because I'm not a frequent reader of the newsgroup.