DMZ web server

Unanswered Question
Sep 5th, 2010
User Badges:

Hi Community,

I've prepared a scenario for test environment to clear some doubts, please see the attached image.

You can I have 3 interface on ASA and web server with a public ip address.

My question is that

1. When someone will try to access this webserver, how the packests will be on a ASA to reach the server ? Wha will be the routing ?

2. As you can see in the image the web server is int same subnet of ASA and router directly interfaces, what default I will use to go out from the dmz zone


If something not clear please let me know..

Any help will be highly appreciated

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Sun, 09/05/2010 - 18:19
User Badges:
  • Cisco Employee,

What is your webserver's inside/private address? 172.16.30.x right? It will use 172.16.30.1 for its GW which is the ASA's DMZ interface IP address.


People on the internet will try to reach this web server with the ip address 55.88.91.5.


The router on the outside will receive this packet and send it to the firewall.


The firewall will look at this packet and look at the translation configured and find the static translation and send the packet to the webserver's private address on the DMZ.


-KS

Actions

This Discussion