Table of Contents
Advertisement
Chapter 8
Scenario: DMZ Configuration
Figure 8-3
192.168.1.2
When a user on the Internet requests an HTTP page from the DMZ web server,
traffic flows through the adaptive security appliance as follows:
1.
2.
78-19186-01
An Outside User Visits the DMZ Web Server
www.example.com
Internet
Inside interface
192.168.1.1
Inside
User
A user on the outside network requests a web page from the DMZ web server
using the public IP address of the adaptive security appliance
(209.165.200.225, the IP address of the outside interface).
The adaptive security appliance receives the packet and, because it is a new
session, verifies that the packet is allowed.
Public IP Address
209.165.200.225
(outside interface)
Destination Address Translation
209.165.200.225
DMZ interface
10.30.30.1
DMZ
Web Server
Private IP Address: 10.30.30.30
Public IP Address: 209.165.200.225
Cisco ASA 5500 Series Getting Started Guide
Example DMZ Network Topology
10.30.30.30
8-5
Hide quick links:
Advertisement
Table of Contents
