Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Creating a DMZ Using VLAN with Cisco IOS Firewall

I want to configure a 1721 Router with a 4-Port Fast Ethernet Switch WAN Interface Card to create a DMZ with a WEB server connected to one of the 4 ports. The router has another serial interface card which connects to the internet. Since I have never configured a router with a DMZ port using the new 4-Port Fast Ethernet Switch WAN Interface Card I would really appreciate if there is anyone out there who has done this before and would share a sample configuration.

3 REPLIES
New Member

Re: Creating a DMZ Using VLAN with Cisco IOS Firewall

Are you talking about DMZ on Pix ?

New Member

Re: Creating a DMZ Using VLAN with Cisco IOS Firewall

No, I am talking about a 1700 router.

New Member

Re: Creating a DMZ Using VLAN with Cisco IOS Firewall

The addition of the WIC-4ESW basically makes your router look sort of like a Catalyst 3550 switch. To create a separate routing/policy domain, you use the "vlan database" command to edit the port VLAN assignments, then you create separate Vlan interfaces as "virtual router ports", each attached to its respective VLAN on the switch module. More information and an example of inter-VLAN routing is available at http://www.cisco.com/en/US/products/hw/routers/ps221/prod_configuration_basics09186a00801a055a.html#230113. Once you have those interfaces defined, you can then use ACLs to limit traffic across the VLANs.

453
Views
0
Helpful
3
Replies