Networking
Configuring a DMZ
Cisco SA500 Series Security Appliances Administration Guide 64
2
Configuring the DMZ Settings
Follow this procedure to configure your DMZ port settings, and then create
firewall rules to allow traffic to access the services on your DMZ.
STEP 1 First configure the Optional port for use as a DMZ:
a. Click Networking > Optional Port > Optional Port Mode, or from the Getting
Started (Advanced) page, under DMZ Port, click Set Optional Port to DMZ
mode.
The Optional Port Mode window opens.
b. Choose DMZ.
c. Click Apply to save your settings.
If you are using the Getting Started (Advanced) page, click Getting Started >
Advanced to return to the list of configuration tasks.
STEP 2 Click Networking > Optional Port > DMZ Config, or from the Getting Started
(Advanced) page, under DMZ Port, click Configure DMZ settings.
The DMZ Configuration window opens.
STEP 3 In the DMZ Port Setup area, enter an IP Address and the Subnet Mask for the
DMZ port on the internal network. Devices on the DMZ network communicate with
the router by using this IP address.The default DMZ IP address of 172.16.2.1 is
shown on the screen.
STEP 4 In the DHCP for DMZ Connected Computers area, enter the following
information:
• DHCP Mode: Choose one of the following modes:
- None: Choose this option if If the computers on the DMZ are configured
with static IP addresses or are configured to use another DHCP server.
- DHCP Server: Choose this option to allow the security appliance to act
as a DHCP server and to assign IP addresses to all devices that are
connected to the DMZ network. Also complete the fields that are
highlighted with white backgrounds.
- DHCP Relay: Choose this option to allow the security appliance to use a
DHCP Relay. If you choose this mode, also enter the IP address of the
Relay Gateway.
• Domain Name (optional): Enter a name for the domain.