Networking
Configuring a DMZ
STEP 1
STEP 2
STEP 3
STEP 4
Cisco SA 500 Series Security Appliances Administration Guide
Configuring the DMZ Settings
Follow this procedure to configure your DMZ port settings, and then create
firewall rules to allow traffic to access the services on your DMZ.
First configure the Optional port for use as a DMZ:
a. Click Networking on the menu bar, and then click Optional Port > Optional
Port Mode in the navigation tree.
—OR—From the Getting Started (Advanced) page, under DMZ Port, click Set
Optional Port to DMZ mode.
The Optional Port Mode page appears.
b. Choose DMZ.
c. Click Apply to save your settings, or click Reset to revert to the saved settings.
If you are using the Getting Started (Advanced) page, click Getting Started on
the menu bar click Advanced in the navigation tree to return to the list of
configuration tasks.
Click Networking on the menu bar, and then click Optional Port > DMZ Config in
the navigation tree.
—OR—From the Getting Started (Advanced) page, under DMZ Port, click
Configure DMZ settings.
The DMZ Configuration page appears.
In the DMZ Port Setup area, enter an IP Address and the Subnet Mask for the
DMZ port on the internal network. Devices on the DMZ network communicate with
the router by using this IP address.The default DMZ IP address of 172. 1 6.2. 1 is
shown on the screen.
In the DHCP for DMZ Connected Computers area, enter the following
information:
•
DHCP Mode: Choose one of the following modes:
-
None: Choose this option if If the computers on the DMZ are configured
with static IP addresses or are configured to use another DHCP server.
-
DHCP Server: Choose this option to allow the security appliance to act
as a DHCP server and to assign IP addresses to all devices that are
connected to the DMZ network. Also complete the fields that are
highlighted with white backgrounds.
3
72