cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
769
Views
0
Helpful
3
Replies

Creating a DMZ Using VLAN with Cisco IOS Firewall

lanscape
Level 1
Level 1

I want to configure a 1721 Router with a 4-Port Fast Ethernet Switch WAN Interface Card to create a DMZ with a WEB server connected to one of the 4 ports. The router has another serial interface card which connects to the internet. Since I have never configured a router with a DMZ port using the new 4-Port Fast Ethernet Switch WAN Interface Card I would really appreciate if there is anyone out there who has done this before and would share a sample configuration.

3 Replies 3

benhur.p
Level 1
Level 1

Are you talking about DMZ on Pix ?

No, I am talking about a 1700 router.

mnagel
Level 1
Level 1

The addition of the WIC-4ESW basically makes your router look sort of like a Catalyst 3550 switch. To create a separate routing/policy domain, you use the "vlan database" command to edit the port VLAN assignments, then you create separate Vlan interfaces as "virtual router ports", each attached to its respective VLAN on the switch module. More information and an example of inter-VLAN routing is available at http://www.cisco.com/en/US/products/hw/routers/ps221/prod_configuration_basics09186a00801a055a.html#230113. Once you have those interfaces defined, you can then use ACLs to limit traffic across the VLANs.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: