Configuring the Security Appliance for a DMZ Deployment
g.
h.
Add addresses to the IP pool to be used by the outside interface. These addresses
Step 2
are used to translate private IP addresses so that inside clients can communicate
securely with clients on the Internet.
In this scenario, there are limited public IP addresses available. Use Port Address
Translation (PAT) so that many internal IP addresses can map to the same public
IP address, as follows:
a.
b.
c.
d.
Cisco ASA 5550 Getting Started Guide
6-10
Click Add to add this range of IP addresses to the Address Pool.
The Add Global Pool dialog box configuration should be similar to the
following:
Click OK to return to the Configuration > NAT window.
In the right pane of the NAT Configuration screen, click the Global Pools tab.
Under the Global Pools tab, click Add.
The Add Global Pool Item dialog box appears.
From the Interface drop-down list, choose Outside.
Specify a Pool ID for the Outside interface.
You can add these addresses to the same IP pool that contains the address pool
used by the DMZ interface (in this scenario, the Pool ID is 200).
Chapter 6
Scenario: DMZ Configuration
78-17644-01