cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
585
Views
4
Helpful
7
Replies

DMZ configuration

nocret808
Level 1
Level 1

I would like to find out on what is the best practice on setting up Windows Media Server on DMZ. I am trying to setup a WMS server on the DMZ and would like this DMZ server to communicate with my SQL server on my internal network. Below is my configuration.

7 Replies 7

nocret808
Level 1
Level 1

forgot to attached config

Whats wrong with it? Looks ok to me.

the DMZ server cant get to my SQL server on my internal network. the other thing im concern is, is this a best practice in allowing DMZ traffic to my internal network? i just want to get some idea.

thanks

yeah.the configuration is absolutely fine.

and you have followed the best practices. :)

static is there for the translation purpose between the inside and dmz.

on the dmz interface,there's an access-list which permits the sql data to inside,then there's a deny which denies the rest of the traffic to inside and then there's a permit ip any any for internet access in dmz.

good approach.

let us know if there's any specific question/issue/concern that you might have

Regards,

Sushil

Cisco TAC.

expect

hi,

could you please attach the syslogs generated while you attempt to connect to the sql server in inside.

the config. is ok.

Regards,

Sushil

Cisco TAC.

nocret808
Level 1
Level 1

Thanks. The question that was raised was: by allowing communication from dmz to the sql server, someone can potentially break or hack into my inside network via the dmz. What they also want to do is to have this DMZ server have Internet capability for Windows patching. i am not sure if im in favor in doing this. please advise.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: