Chapter 6 Scenario: Dmz Configuration - Cisco ASA 5505 Getting Started Manual
Hide thumbs
Also See for ASA 5505:
- Configuration manual (1822 pages) ,
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages)
Table of Contents
Advertisement
Example DMZ Network Topology
Figure 6-1
Network Layout for DMZ Configuration Scenario
HTTP client
inside interface
10.10.10.0
(private address)
10.10.10.0
(private address)
Cisco ASA 5505 Getting Started Guide
6-2
Security
Appliance
outside interface
209.165.200.225
(public address)
DMZ interface
10.30.30.0
(private address)
DMZ Web
Private IP address: 10.30.30.30
Server
Public IP address: 209.165.200.226
This example scenario has the following characteristics:
The web server is on the DMZ interface of the adaptive security appliance.
•
HTTP clients on the private network can access the web server in the DMZ
•
and can also communicate with devices on the Internet.
Clients on the Internet are permitted HTTP access to the DMZ web server; all
•
other traffic is denied.
The network has two routable IP addresses that are publicly available: one for
•
the outside interface of the adaptive security appliance (209.165.200.225),
and one for the public IP address of the DMZ web server (209.165.200.226).
Figure 6-2
shows the outgoing traffic flow of HTTP requests from the private
network to both the DMZ web server and to the Internet.
Chapter 6
Scenario: DMZ Configuration
HTTP client
Internet
HTTP client
78-17612-01
- Quick Links:
- Ports and Leds
Hide quick links:
Advertisement
Table of Contents
