Table of Contents
Advertisement
Configuring the Security Appliance for a DMZ Deployment
Figure 2-3
Incoming HTTP Traffic Flow From the Internet
Security
Appliance
DMZ Web
Server
Configuring the Security Appliance for a DMZ
Deployment
PIX 515E Security Appliance Getting Started Guide
2-4
2
Incoming request
destined for public
address of DMZ web
server intercepted.
3
Destination IP address
translated to the private IP
address of the web server.
4
Web server receives
request for content.
Private IP address: 10.30.30.30
Public IP address: 209.165.200.226
To permit incoming traffic to access the DMZ web server, the security appliance
configuration includes the following:
•
An address translation rule translating the public IP address of the DMZ web
server to the private IP address of the DMZ web server.
•
An access control rule permitting incoming HTTP traffic that is destined for
the DMZ web server.
The procedures for creating this configuration are detailed in the remainder of this
chapter.
This section describes how to use ASDM to configure the security appliance for
the configuration scenario shown in
parameters based on the scenario.
Chapter 2
1
HTTP request
sent to public address
of DMZ web server.
HTTP client
Internet
HTTP client
Figure
2-1. The procedure uses sample
Scenario: DMZ Configuration
78-17645-01
- Quick Links:
- Starting Asdm
Hide quick links:
Advertisement
Table of Contents
