01-28-2014 12:43 PM - last edited on 03-25-2019 05:52 PM by ciscomoderator
Hello Everybody
I have many services that i want to publish on Internet (web server, ftp and mail). so for this, i configured my ASA with 3 interfaces
Gi0/0: sec level 0 (outside)
GI0/1: sec level 50 (dmz)
Gi0/2: sec level 100 (inside)
Doing necessary nat and acl to allow public users on Internet to access my web servers and ftp successfully.
I read on the ASA the configuartion of Public servers
My question is that public servers replace dmz configuration with acl and nat ?
In what case use public servers instead of dmz configuation with 3 interfacess.
Can i place my web servers, ftp and mail in inside lan and used public servers configuration safety?
Need your clarification please
Regards
01-28-2014 05:00 PM
Hello,
DMZ refers to an interface where you will place servers or appliances that will be accessed from the external world so there is no DMZ configuration. It's basically a security zone that you could create and then start configuring it as any other interface.
Now the Public-Server is actually a feature that allow you to configure in one step both the ACL and the NAT then making it easier for our customers.
Looking for some Networking Assistance?
Contact me directly at jcarvaja@laguiadelnetworking.com
I will fix your problem ASAP.
Cheers,
Julio Carvajal Segura
http://laguiadelnetworking.com
01-29-2014 03:11 AM
Hello Julio,
Thanks for your reply,
My question is, can i publish applications that will be accessed from Internet using public servers instead of configuring DMZ on a third asa interface.
Can i place web servers, ftp servers and mail server in inside part and publish them to Internet usig public server?
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide