Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

how to configure dmz on 2821 with multiple public ip address

I have a cisco 2821 with two ethernet interfaces and one 8-port HWIC card.

On one ethernet with a public ip address(Untrust), and the other with internal network 10.5.0.0/16(Trust).

On the 8-port card I plan to configure as DMZ with multiple public ip addresses, and connect several web servers to be accessed from internet -- I had trouble doing it -- is this possible? And what is the right way to do it?

Thanks in advance, Keith

Everyone's tags (1)
4 REPLIES
Cisco Employee

Re: how to configure dmz on 2821 with multiple public ip address

Hello,

You need to configure VLAN interfaces and assign the HWIC ports to specific

VLANs. Here is the configuration guide for configuring the HWIC card.

http://www.cisco.com/en/US/docs/ios/lanswitch/configuration/guide/lsw_hwic_e

thsw_ic_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1027188

Hope this helps.

Regards,

NT

Community Member

Re: how to configure dmz on 2821 with multiple public ip address

Thank you, Nagaraja and TodirascuOvidiu.

Cisco support helps out on this one:

In other words, traffic destined to the DMZ Server was coming in through the

T1 link on the DMZ and trying to go out the Out-Zone.

I configured PBR on VLAN1 to force the return traffic from the DMZ Servers out the T1.

Community Member

Re: how to configure dmz on 2821 with multiple public ip address

The solution would be to use Zone Based Firewall this is the new ios firewall. The configuration is lenghty but if you have experience with PIX/ASAs you will find it easy to learn.

http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a008060f6dd.html

Community Member

Re: how to configure dmz on 2821 with multiple public ip address

Thank you!

1366
Views
0
Helpful
4
Replies
CreatePlease to create content