Networking

4

 

Configuring DMZ

 

 

 

 

 

Figure 2 Example DMZ with Two Public IP Addresses

www.example.com

Internet

Public IP Addresses

Source Address Translation

209.165.200.225 (router)209.165.200.226 172.16.2.30 209.165.200.226 (web server)

 

DMZ Interface

ISA500

172.16.2.1

 

LAN Interface

Web Server

Private IP Address: 172.16.2.30

192.168.75.1

Public IP Address: 209.165.200.226

 

User

User

192.168.75.10

192.168.75.11

283050

In this scenario, the ISP has supplied two static IP addresses: 209.165.200.225 and 209.165.200.226. The address 209.165.200.225 is used for the security appliance’s public IP address. The administrator configures the configurable port to be used as a DMZ port and created a firewall rule to allow inbound HTTP traffic to the web server at 172.16.2.30. The firewall rule specifies an external IP address of 209.165.200.226. Internet users enter the domain name that is associated with the IP address 209.165.200.226 and can then connect to the web server.

Configuring a DMZ

STEP 1 To add a new DMZ, click Add. To modify the settings for a DMZ, click the Edit (pencil) icon.

Other options: To delete a DMZ, click the Delete (x) icon.

Cisco ISA500 Series Integrated Security Appliances Administration Guide

143

Page 143
Image 143
Casio ISA550WBUN3K9 manual Example DMZ with Two Public IP Addresses, Configuring a DMZ