Table of Contents
Advertisement
Example DMZ Network Topology
An Internet User Visits the DMZ Web Server
Cisco ASA 5500 Series Getting Started Guide
8-4
When an inside user requests an HTTP page from a web server on the Internet,
data moves through the adaptive security appliance as follows:
The user on the inside network requests a web page from www.example.com.
1.
The adaptive security appliance receives the packet and, because it is a new
2.
session, verifies that the packet is allowed.
3.
The adaptive security appliance performs Network Address Translation
(NAT) to translate the local source address (192.168.1.2) to the public address
of the outside interface (209.165.200.225).
The adaptive security appliance records that a session is established and
4.
forwards the packet from the outside interface.
When www.example.com responds to the request, the packet goes through the
5.
adaptive security appliance using the established session.
The adaptive security appliance uses NAT to translate the public destination
6.
(209.165.200.225) address to the local user address, 192.168.1.2.
The adaptive security appliance forwards the packet to the inside user.
7.
Figure 8-3
shows the traffic flow through the adaptive security appliance when a
user on the Internet requests a web page from the DMZ web server.
Chapter 8
Scenario: DMZ Configuration
78-19186-01
Hide quick links:
Advertisement
Table of Contents
