Cisco SA520-K9 Administration Guide - Page 62
Networking, Example DMZ with One Public IP Address for WAN and DMZ
UPC - 882658266744
View all Cisco SA520-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 62 highlights
Networking Configuring a DMZ 2 DMZ configuration is identical to the LAN configuration. There are no restrictions on the IP address or subnet assigned to the DMZ port, other than the fact that it cannot be identical to the IP address given to the LAN interface of this gateway. In this scenario, the business has one public IP address, 209.165.200.225, which is used for both the router's public IP address and the web server's public IP address. The administrator configures the Optional port to be used as a DMZ port. A firewall rule allows inbound HTTP traffic to the web server at 172.16.2.30. Internet users can enter the domain name that is associated with the IP address 209.165.200.225, and they are connected to the web server. The same IP address is used for the WAN interface. Figure 3 Example DMZ with One Public IP Address for WAN and DMZ www.example.com Internet Public IP Address 209.165.200.225 SA 500 LAN Interface 192.168.75.1 DMZ Interface 172.16.2.1 Source Address Translation 209.165.200.225 172.16.2.30 Web Server Private IP Address: 172.16.2.30 Public IP Address: 209.165.200.225 User 192.168.75.10 User 192.168.75.11 235140 Cisco SA500 Series Security Appliances Administration Guide 62