Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
790
Views
0
Helpful
1
Replies

DMZ web server

samirshaikh52
Level 2
Level 2

‎09-05-2010 10:35 AM - edited ‎03-11-2019 11:35 AM

Hi Community,

I've prepared a scenario for test environment to clear some doubts, please see the attached image.

You can I have 3 interface on ASA and web server with a public ip address.

My question is that

1. When someone will try to access this webserver, how the packests will be on a ASA to reach the server ? Wha will be the routing ?

2. As you can see in the image the web server is int same subnet of ASA and router directly interfaces, what default I will use to go out from the dmz zone

If something not clear please let me know..

Any help will be highly appreciated

Labels:
Preview file
31 KB
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎09-05-2010 06:19 PM

What is your webserver's inside/private address? 172.16.30.x right? It will use 172.16.30.1 for its GW which is the ASA's DMZ interface IP address.

People on the internet will try to reach this web server with the ip address 55.88.91.5.

The router on the outside will receive this packet and send it to the firewall.

The firewall will look at this packet and look at the translation configured and find the static translation and send the packet to the webserver's private address on the DMZ.

-KS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card