Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IP Address Usage within dmz

Not being much familiar with pix or firewall configuration for that matter, a simple question for those in the know.

In relation to a pix 515e with 3 interfaces (e0=outside, e1=inside, e2=dmz) is it the norm for devices located within the dmz to have private ip addresses assigned to them, and then to use the public ip address space for access from the outside interface? All the config examples within this forum and tech docs show only private ip addresses used within the dmz.

I just need some clarification on this, as I am studying firewall configuration especially pertaining to the pix 515e.

Thanks,

Roger

  • Other Security Subjects
1 REPLY
Silver

Re: IP Address Usage within dmz

Hello Roger,

Yes, it is a very common practice to use the private addresses on the inside and dmz and then translate the addresses when communication is required from outside to inside/dmz. The advantage is that you are hiding the actual address of the machines with the help of NAT engine.

I hope this answers your question.

Regards,

Mynul

267
Views
0
Helpful
1
Replies
This widget could not be displayed.