Networking
Configuring DMZ
Cisco ISA500 Series Integrated Security Appliances Administration Guide 144
4
STEP 2 In the Basic Settings tab, enter the following information:
•Name: Enter the name for the DMZ.
•IP Address: Enter the subnet IP address for the DMZ.
•Netmask: Enter the subnet mask for the DMZ.
•Spanning Tree: Check this box to enable the Spanning Tree feature to
determine if there are loops in the network topology.
•Port: Specify a configurable port as a DMZ port . Traffic through the DMZ
port is directed to the DMZ. All available configurable ports appear in the
Port list. Choose a port from the Port list and add it to the Member list . The
selected configurable port will be set as a DMZ port .
NOTE: This setting will change the port type and access mode of the
selected configurable port. Changing the port type will wip e out all
configuration relative to the physical port.
•Zone: Choose the default DMZ zone or a custom DMZ zone to which the
DMZ is mapped. You can click the Create Zone link to view, edit, or add the
zones on the security appliance.
STEP 3 In the DHCP Pool Settings tab, choo se the DHCP mode from the DHCP Mode
drop-down list.
•Disable: Choose this option if the computers on the DMZ are configured with
static IP addresses or are configured to use another DHCP server.
•DHCP Server: Allows the security appliance to act as a DHCP server and
assigns IP addresses to all devices that are connected to the DMZ. Any new
DHCP client joining the DMZ is assigned an IP address of the DHCP pool.
•DHCP Relay: Allows the security appliance to use a DHCP Relay. If you
choose DHCP Relay, enter the IP address of the remote DHCP server in the
Relay IP field.
STEP 4 If you choose DHCP Ser ver as the DHCP mode, enter the foll owing in formati on:
•Start IP: Enter the starting IP address in the DHCP range.
•End IP: Enter the ending IP address in the DHCP range.
NOTE: The Start and End IP addresses must be in the same subnet with the
DMZ IP address.