Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Difference Between Configuring DMZ and Public Servers

Hello Everybody

I have many services that i want to publish on Internet (web server, ftp and mail). so for this, i configured my ASA with 3 interfaces

Gi0/0: sec level 0 (outside)

GI0/1: sec level 50 (dmz)

Gi0/2: sec level 100 (inside)

Doing necessary nat and acl to allow public users on Internet to access my web servers and ftp successfully.

I read on the ASA the configuartion of Public servers

http://www.cisco.com/en/US/partner/docs/security/asa/asa83/asdm63/configuration_guide/public_servers.html

My question is that public servers replace dmz configuration with acl and nat ?

In what case use public servers instead of dmz configuation with 3 interfacess.

Can i place my web servers, ftp and mail in inside lan and used public servers configuration safety?

Need your clarification please

Regards

2 REPLIES

Difference Between Configuring DMZ and Public Servers

Hello,

DMZ refers to an interface where you will place servers or appliances that will be accessed from the external world so there is no DMZ configuration. It's basically a security zone that you could create and then start configuring it as any other interface.

Now the Public-Server is actually a feature that allow you to configure in one step both the ACL and the NAT then making it easier for our customers.

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

Difference Between Configuring DMZ and Public Servers

Hello Julio,

Thanks for your reply,

My question is, can i publish applications that will be accessed from Internet using public servers instead of configuring DMZ on a third asa interface.

Can i place web servers, ftp servers and mail server in inside part and publish them to Internet usig public server?

Regards

226
Views
0
Helpful
2
Replies
CreatePlease login to create content