6-5
ASA 5505 Getting Started Guide
78-18003-02
Chapter 6 Scenario: DMZ Configuration
Example DMZ Network Topology
Figure 6-3 An Inside User Visits an Internet Web Server
When an inside user requests an HTTP page from a web server on the Internet,
data moves through the adaptive security appliance as follows:
1. The user on the inside network requests a web page from www.example.com.
2. The adaptive security appliance receives the packet and, because it is a new
session, verifies that the packet is allowed.
3. The adaptive security appliance performs network address translation (NAT)
to translate the local source address (192.168.1.2) to the public address of the
outside interface (209.165.200.225).
User
192.168.1.2
Inside
DMZ
191799
www.example.com
Internet
Public IP Address
209.165.200.225
(outside interface)
Inside interface
192.168.1.1
DMZ interface
10.30.30.1
Web Server
Private IP Address: 10.30.30.30
Public IP Address: 209.165.200.225
Source Address Translation
209.165.201.225192.168.1.2
To Next Page
Loading...
