Chapter 6
Scenario: DMZ Configuration
Figure 6-5
192.168.1.2
In Figure 6-5, the adaptive security appliance permits HTTP traffic originating
from inside clients and destined for the DMZ web server. Because the internal
network does not include a DNS server, internal client requests for the DMZ web
server are handled as follows:
1.
78-18003-02
An Inside User Visits a Web Server on the DMZ
www.example.com
Internet
Inside interface
192.168.1.1
Inside
User
A lookup request is sent to the DNS server of the ISP. The public IP address
of the DMZ web server is returned to the client.
Public IP Address
209.165.200.225
(outside interface)
DMZ interface
10.30.30.1
DMZ
Web Server
Private IP Address: 10.30.30.30
Public IP Address: 209.165.200.225
ASA 5505 Getting Started Guide
Example DMZ Network Topology
6-9