Cisco Systems PIX515E quick start Configure External Identity for the DMZ Web Server

Page 15

Step 3 Configure External Identity for the DMZ Web Server

The DMZ server is easily accessible by all hosts on the Internet. This configuration requires translating the DMZ server IP address so that it appears to be located on the Internet, enabling outside HTTP clients to access it unaware of the firewall. Complete the following steps to map the DMZ IP address (30.30.30.30) statically to a public IP address (209.165.156.11):

a.Right click in the gray area under the Translation Rules tab.

b.Select Add.

c.Select dmz from the drop-down menu of interfaces.

d.Enter the server IP address (30.30.30.30) or select the server by clicking on the Browse button.

e.Select 255.255.255.255 from the Mask drop-down menu.

f.Click the Static radio button.

g.Enter the external IP address (209.165.156.11). The Advanced button allows you to configure features such as limiting the number of connections per static entry and DNS rewrites.

h.Click the OK button.

i.Confirm the values that you entered. Click the Apply button.

15

Page 14 Page 16
Image 15
Page 14 Page 16
Contents Cisco PIX 515E Firewall Hardware Features Software FeaturesAbout the Cisco PIX 515E Firewall Check Items Included 69-0123-01 69-0124-01 69-0125-01 Power cable Rubber feetDMZ Install the PIX 515EConfigure the PIX 515E DMZ Configuration Example ConfigurationsManage IP Pools for Network Translations Select the Translation Rules tab Page Page Configure Address Translations on Private Networks Page Page Page Configure External Identity for the DMZ Web Server Configurations should display as shown below Provide Http Access to the DMZ Web Server Page Page Site-to-Site VPN Configuration Start the VPN Wizard Configure the VPN Peer Page Configure the IKE Policy Page Configure Internal Traffic Page View and Enable VPN Commands Optional Maintenance and Upgrade Procedures Establishing Site-to-Site VPNs with other Cisco ProductsObtaining DES and 3DES/AES Encryption Licenses Command Description Restore the Default ConfigurationHttp 192.168.1.0 Alternative Ways to Access the PIX 515E Ethernet LED Check the LEDsColor Status Description Ordering Documentation Obtaining DocumentationCisco.com Documentation CD-ROMDocumentation Feedback Obtaining Technical AssistanceCisco TAC Website TAC Case Priority Definitions Opening a TAC CaseObtaining Additional Publications and Information Page USA
Top Page Image Contents