Cisco SA520-K9 Administration Guide - Page 64

Networking Configuring a DMZ 2 Configuring the DMZ Settings Follow this procedure to configure your DMZ port settings, and then create firewall rules to allow traffic to access the services on your DMZ. STEP 1 First configure the Optional port for use as a DMZ: a. Click Networking > Optional Port > Optional Port Mode, or from the Getting Started (Advanced) page, under DMZ Port, click Set Optional Port to DMZ mode. The Optional Port Mode window opens. b. Choose DMZ. c. Click Apply to save your settings. If you are using the Getting Started (Advanced) page, click Getting Started > Advanced to return to the list of configuration tasks. STEP 2 Click Networking > Optional Port > DMZ Config, or from the Getting Started (Advanced) page, under DMZ Port, click Configure DMZ settings. The DMZ Configuration window opens. STEP 3 In the DMZ Port Setup area, enter an IP Address and the Subnet Mask for the DMZ port on the internal network. Devices on the DMZ network communicate with the router by using this IP address.The default DMZ IP address of 172.16.2.1 is shown on the screen. STEP 4 In the DHCP for DMZ Connected Computers area, enter the following information: • DHCP Mode: Choose one of the following modes: - None: Choose this option if If the computers on the DMZ are configured with static IP addresses or are configured to use another DHCP server. - DHCP Server: Choose this option to allow the security appliance to act as a DHCP server and to assign IP addresses to all devices that are connected to the DMZ network. Also complete the fields that are highlighted with white backgrounds. - DHCP Relay: Choose this option to allow the security appliance to use a DHCP Relay. If you choose this mode, also enter the IP address of the Relay Gateway. • Domain Name (optional): Enter a name for the domain. Cisco SA500 Series Security Appliances Administration Guide 64