DMZ for Public Web Sites and Services - Cisco QuickVPN - PC Administration Manual

SA 500 Series Security Appliances Administration Guide

Getting Started
Common Configuration Scenarios
Configuration tasks for this scenario:
To start configuring your firewall rules, use the Firewall and NAT Rules links on the
Getting Started (Advanced) page. For more information, see Configuring Firewall
Rules to Control Inbound and Outbound Traffic, page 121.
Scenario 4: DMZ for Public Web Sites and Services
If your business hosts public services such as web sites, you need a way to allow
access to those services without exposing your LAN. You can address this
concern by configuring the Optional port of the security appliance for use as a
DMZ (Demarcation Zone or Demilitarized Zone). This zone acts as a separate
network between your private LAN and the Internet. After you configure your DMZ,
you can configure the firewall rules that enable traffic to connect only to the
services that you specify.
[Figure: network diagram. Internet (www.example.com, public IP address 209.165.200.225);
SA 500 with LAN interface 192.168.75.1 and DMZ interface 172.16.2.1; LAN users at
192.168.75.10 and 192.168.75.11; web server in the DMZ with private IP address 172.16.2.30
and public IP address 209.165.200.225; source address translation between 209.165.200.225
and 172.16.2.30.]
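The separation this scenario describes can be checked against a rule set. The following Python check is an added example, not part of the Cisco guide and not SA 500 configuration syntax: it audits a constructed rule list built from the addresses in the scenario's diagram. The /24 prefix lengths, TCP ports 80 and 443 as the published services, the tuple rule format, and rules written against the web server's private address are assumptions.

```python
import ipaddress

# Addresses come from the scenario's diagram; the /24 prefix lengths are assumed.
LAN = ipaddress.ip_network("192.168.75.0/24")
DMZ = ipaddress.ip_network("172.16.2.0/24")
ZONES = {"LAN": LAN, "DMZ": DMZ}
WEB_SERVER = ipaddress.ip_address("172.16.2.30")
PUBLISHED = {("tcp", 80), ("tcp", 443)}  # assumed: the only services offered


def zone_of(net):
    """LAN/DMZ if net lies inside that zone, MIXED if it straddles one, else WAN."""
    for name, zone in ZONES.items():
        if net.subnet_of(zone):
            return name
    if any(net.overlaps(zone) for zone in ZONES.values()):
        return "MIXED"  # for example 0.0.0.0/0
    return "WAN"


def audit(rules):
    """Return (index, reason) for each allow rule that weakens the DMZ design."""
    findings = []
    for i, (src, dst, proto, port, action) in enumerate(rules):
        dst_net = ipaddress.ip_network(dst)
        src_zone, dst_zone = zone_of(ipaddress.ip_network(src)), zone_of(dst_net)
        if action != "allow" or src_zone == "LAN":
            continue  # denies and LAN-initiated traffic are not audited here
        if dst_zone in ("LAN", "MIXED"):
            findings.append((i, "non-LAN source can reach the LAN"))
        elif dst_zone == "DMZ":
            web_only = dst_net.num_addresses == 1 and dst_net[0] == WEB_SERVER
            if not web_only or (proto, port) not in PUBLISHED:
                findings.append((i, "DMZ exposed beyond the published services"))
    return findings


# Constructed sample rule set: (source, destination, protocol, port, action).
SAMPLE_RULES = [
    ("0.0.0.0/0", "172.16.2.30", "tcp", 80, "allow"),
    ("0.0.0.0/0", "172.16.2.30", "tcp", 22, "allow"),
    ("172.16.2.30", "192.168.75.10", "tcp", 445, "allow"),
    ("192.168.75.0/24", "0.0.0.0/0", "tcp", 443, "allow"),
    ("0.0.0.0/0", "0.0.0.0/0", "tcp", 3389, "deny"),
]

if __name__ == "__main__":
    print(*(f"rule {i}: {why}" for i, why in audit(SAMPLE_RULES)), sep="\n")
```

A source of 0.0.0.0/0 is classed as MIXED and treated as untrusted, because it includes Internet hosts as well as LAN hosts.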
