Configuring The Security Appliance For A Dmz Deployment - Cisco ASA 5505 Getting Started Manual
Hide thumbs
Also See for ASA 5505:
- Configuration manual (1822 pages) ,
- Getting started manual (168 pages) ,
- Administrator's manual (118 pages)
Table of Contents
Advertisement
Configuring the Security Appliance for a DMZ Deployment
Figure 6-3
Incoming HTTP Traffic Flow From the Internet
Security
Appliance
DMZ Web
Server
Configuring the Security Appliance for a DMZ
Deployment
Cisco ASA 5505 Getting Started Guide
6-4
2
Incoming request
destined for public
address of DMZ web
server intercepted.
3
Destination IP address
translated to the private IP
address of the web server.
4
Web server receives
request for content.
Private IP address: 10.30.30.30
Public IP address: 209.165.200.226
To permit incoming traffic to access the DMZ web server, the adaptive security
appliance configuration includes the following:
•
An address translation rule translating the public IP address of the DMZ web
server to the private IP address of the DMZ web server.
•
An access control rule permitting incoming HTTP traffic that is destined for
the DMZ web server.
The procedures for creating this configuration are detailed in the remainder of this
chapter.
This section describes how to use ASDM to configure the adaptive security
appliance for the configuration scenario shown in
sample parameters based on the scenario.
Chapter 6
1
HTTP request
sent to public address
of DMZ web server.
HTTP client
Internet
HTTP client
Figure
Scenario: DMZ Configuration
6-1. The procedure uses
78-17612-01
- Quick Links:
- Ports and Leds
Hide quick links:
Advertisement
Table of Contents
