Cisco PIX-515E Spezifikationen PDF herunterladen (Seite 18)

Chapter 2 Scenario: DMZ Configuration

Example DMZ Network Topology

2-2

PIX 515E Security Appliance Getting Started Guide

78-17645-01

Figure 2-1 Network Layout for DMZ Configuration Scenario

This example scenario has the following characteristics:

• The web server is on the DMZ interface of the security appliance.

• HTTP clients on the private network can access the web server in the DMZ

and can also communicate with devices on the Internet.

• Clients on the Internet are permitted HTTP access to the DMZ web server; all

other traffic is denied.

• The network has two routable IP addresses that are publicly available: one for

the outside interface of the security appliance (209.165.200.225), and one for

the public IP address of the DMZ web server (209.165.200.226).

Figure 2-2 shows the outgoing traffic flow of HTTP requests from the private

network to both the DMZ web server and to the Internet.

132064

Internet

HTTP client

Security

Appliance

10.10.10.0

(private address)

inside interface

10.10.10.0

(private address)

outside interface

209.165.200.225

(public address)

DMZ interface

10.30.30.0

(private address)

DMZ Web

Server

Private IP address: 10.30.30.30

Public IP address: 209.165.200.226

1 2 ... 13 14 15 16 17 18 19 20 21 22 23 ... 77 78

Keine Kommentare

Cisco PIX-515E Spezifikationen Seite 18