My situation is like this: The firewall has a static public IP address (192.168.2.1), and a Web Server is connect to the firewall in the DMZ, the Application Server and the Database Server are connected to the firewall from the inside interface. All the IP addresses of the Web, Application, and the Database Servers are private IPs such as 192.168.2.x (where x = 2, 3, 4). Some web applications are deployed to this system (on Application Server such as http://www.MyWebSite.com).
This will be what I expected: a user launches the web browser and types in http://www.mywebsite.com, trying to access the web application. The DNS server will direct the request to the firewall (192.168.2.1). Once the firewall receives the request, it will forward the request to the web server. The web servers HTTP server will pass through the firewall and send the request to the application server, which in turn queries the database.
My questions are:
1) Can the firewall (which has a public static IP) direct the request to the web server (which has a private IP) in the DMZ? If so, how does it do it? Do I need to configure the firewall?
2) How does the HTTP server (installed on the web server) send the request passing through the firewall? Any special configuration? Or by default.
3) If the firewall comes with the VPN capability, can I remotely access the web server, the application server and the database server via this firewall?
4) Can I have the same web server to carry out both the caching and HTTP functions?
1.Its very well possible to nat out the public ip to a inside ip,also you need to allowt he access for the server.And you need to check out the reachability also from outside zone once you are done with NATTING and access resetrcitions.
2.You need to open the port on which the HTTP services are running ,it may be on 80 or 8080 etc., the same you need to open up in your firewall and also in the access creation policy for that particult inside ip you need to open up that particular port for outside access.
3.Using the Easy VPN server option with the PIX firewall you can very well configure and allow the mobile users to get into your network and access all the mail or database servers in your network.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...