Providing Public HTTP Access to the DMZ Web Server - Cisco ASA 5505 Getting Started Manual

Adaptive security appliance
Chapter 6
Scenario: DMZ Configuration

Providing Public HTTP Access to the DMZ Web Server

78-17612-02
By default, the adaptive security appliance denies all traffic coming in from the
public network. To permit traffic coming from the Internet to access the DMZ web
server, you must configure an access control rule permitting incoming HTTP
traffic destined for the DMZ web server.

This access control rule specifies the interface of the adaptive security appliance
that processes the traffic, that the traffic is incoming, the origin and destination of
the traffic, and the type of traffic protocol and service to be permitted.

In this section, you create an access rule that permits incoming HTTP traffic
originating from any host or network on the Internet, if the destination of the
traffic is the web server on the DMZ network. All other traffic coming in from the
public network is denied.

To configure the access control rule, perform the following steps:

Step 1
In the ASDM main window, do the following:
  a. Choose Configuration > Security Policy.
  b. Click the Access Rules tab, then from the Add pull-down list, choose Add
     Access Rule.
     The Add Access Rule dialog box appears.

Step 2
In the Interface and Action area, do the following:
  a. From the Interface drop-down list, choose Outside.
  b. From the Direction drop-down list, choose Incoming.
  c. From the Action drop-down list, choose Permit.

Step 3
In the Source area, choose the Any keyword from the Type drop-down list to allow
traffic originating from any host or network.

Step 4
In the Destination area, do the following:
  a. From the Type drop-down list, choose the Interface IP keyword.
  b. From the Interface drop-down list, choose Outside.

Step 5
In the Protocol and Service area, specify the type of traffic that you want to permit
through the adaptive security appliance.
  a. From the Protocol drop-down list, choose tcp.

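
The effect of the rule built in these steps (permit HTTP from any source to the outside interface address, deny everything else arriving from the public network) can be checked with a small first-match evaluator. This is an added example, not part of the Cisco guide: the ACL line is an assumed CLI form of the rule, the name outside_access_in and the sample addresses are constructed, and the parser covers only the syntax shown.

```python
# Added example: first-match evaluation of ASA-style extended ACL entries,
# ending in the implicit deny. The ACL name and addresses are constructed.
SAMPLE_ACL = "access-list outside_access_in extended permit tcp any interface outside eq www\n"
PORTS = {"www": 80, "https": 443, "ssh": 22}  # subset of ASA service keywords


def _take_addr(tok):
    """Consume one address spec: 'any', 'host A.B.C.D' or 'interface NAME'."""
    if tok and tok[0] == "any":
        return ("any", None), tok[1:]
    if len(tok) >= 2 and tok[0] in ("host", "interface"):
        return (tok[0], tok[1]), tok[2:]
    raise ValueError("unsupported address: " + " ".join(tok))


def parse_ace(line):
    """Parse 'access-list NAME extended ACTION PROTO SRC DST [eq PORT]'."""
    tok = line.split()
    if len(tok) < 7 or tok[0] != "access-list" or tok[2] != "extended":
        raise ValueError("unsupported ACE: " + line)
    if tok[3] not in ("permit", "deny"):
        raise ValueError("unknown action: " + tok[3])
    src, rest = _take_addr(tok[5:])
    dst, rest = _take_addr(rest)
    port = None  # None means the entry matches any destination port
    if rest:
        if len(rest) != 2 or rest[0] != "eq":
            raise ValueError("unsupported service: " + " ".join(rest))
        port = PORTS[rest[1]] if rest[1] in PORTS else int(rest[1])
    return {"action": tok[3], "proto": tok[4], "src": src, "dst": dst, "port": port}


def load(text):
    """Parse every non-blank line of a config excerpt into ACEs, in order."""
    return [parse_ace(l) for l in text.splitlines() if l.strip()]


def evaluate(aces, proto, src, dst, dport):
    """Return the action of the first ACE that matches, else the implicit deny."""
    for ace in aces:
        if (ace["proto"] in ("ip", proto)
                and ace["src"] in (("any", None), src)
                and ace["dst"] in (("any", None), dst)
                and ace["port"] in (None, dport)):
            return ace["action"]
    return "deny"  # nothing matched: everything else from outside is dropped
```

Feeding `evaluate` a list that also contains a broader entry ahead of the HTTP rule shows how entry order changes the outcome, which is worth checking whenever rules are added to the outside interface.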
Configuring the Security Appliance for a DMZ Deployment
Cisco ASA 5505 Getting Started Guide
6-15
