Networking
Configuring DMZ
Cisco ISA500 Series Integrated Security Appliances Administration Guide 143
4
Figure 2 Example DMZ with Two Public IP Addresses
In this scenario, the ISP has supplied two static IP addresses: 209.165.200.225 and
209.165.200.226. The address 209.165.200.225 is used for the security
appliance’s public IP address. The administrator configures the configurable port
to be used as a DMZ port and created a firewall rule to allow inbound HTTP traffic
to the web server at 172.16.2.30. The firewall rule specifies an external IP address
of 209.165.200.226. Internet users enter the domain name that is associated with
the IP address 209.165.200.226 and can then connect to the web server.
Configuring a DMZ
STEP 1 To add a new DMZ, click Add. To modify the settings for a DMZ, click the Edit
(pencil) icon.
Other options: To delete a DMZ, click the Delete (x) icon.
DMZ Interface
172.16.2.1
283050
www.example.com
Internet
ISA500
User
192.168.75.10
LAN Interface
192.168.75.1
Web Server
Private IP Address: 172.16.2.30
Public IP Address: 209.165.200.226
User
192.168.75.11
172.16.2.30
Source Address Translation
209.165.200.226
Public IP Addresses
209.165.200.225 (router)
209.165.200.226 (web server)