DMZ - Cablevision static IP service

rileymartin · ‎10-06-2007

Hi,

We purchased Cablevision static IP address and cablemodem service and want to install an external DNS server and an SMTP relay service for an internal Exchange server. The static IP service came with 5 public IP addresses and an 851 router that came preconfigured and which they allow no access to whatsoever.

I'm new and was hoping I could get some guidance for setting up a DMZ for an external Windows 2003 server which will do external DNS and act as an SMTP relay server for our internal Exchange server.

We're already using private IPs on our internal network and I thought I would use a 2nd router and configure NAT overload as well as access lists to protect the internal network. The external DNS server would connect directly to a fastethernet port on the Cablevision provided 851 router.

Thanks in advance for any help you can provide.

whisperwind · ‎10-07-2007

It sounds like you are asking for design assistance, however if cablevision has locked the router there is not much we can do.

I would suggest either calling them to setup the router for you or instead of a second router get a firewall.

Firewall is best as waht you need is what its designed for, once you get one here is a good link to help you.

http://www.cisco.com/en/US/docs/security/asa/asa72/getting_started/asa5505/quick/guide/dmz.html

rileymartin · ‎02-27-2008

Thank you.

I will definately read the article. Could you recommend an older model(s) of Cisco firewall that I could buy refurbished/used at a reasonable price? Thanks.