|
Posted by Brad on November 21, 2007, 4:08 pm
Please log in for more thread options
Scenario
Cisco 877w with Advanced IP Services IOS and SDM 2.4.1. I need to
setup a DMZ on this device but my question is should I NAT the
addresses in the DMZ or use public ips? My plan is to make the DMZ a
separate VLAN (actually HAVE to on the 877w since they don't really
support a true DMZ) but by NATting the DMZ address space I have only
the choice of a NAT "inside" or NAT "outside" via SDM. I am assuming
that NATing them as "inside" just means that they are addresses that
need to be translated, NOT that they are in an "inside" security zone
like my main VLAN is.
The ultimate goal is to have my Edge Transport server for Exchange
2007 in my DMZ and have the other Exchange services NATted to the
"inside" or trusted network.
Thanks
Brad
|
|
Posted by Park City on November 26, 2007, 10:52 pm
Please log in for more thread options
> Scenario
> Cisco 877w with Advanced IP Services IOS and SDM 2.4.1. I need to
> setup a DMZ on this device but my question is should I NAT the
> addresses in the DMZ or use public ips? My plan is to make the DMZ a
> separate VLAN (actually HAVE to on the 877w since they don't really
> support a true DMZ) but by NATting the DMZ address space I have only
> the choice of a NAT "inside" or NAT "outside" via SDM. I am assuming
> that NATing them as "inside" just means that they are addresses that
> need to be translated, NOT that they are in an "inside" security zone
> like my main VLAN is.
> The ultimate goal is to have my Edge Transport server for Exchange
> 2007 in my DMZ and have the other Exchange services NATted to the
> "inside" or trusted network.
> Thanks
> Brad
Come on.....no one has an any advice on this one...please?
|
| Similar Threads | Posted |
| Natting the DMZ on an 877w | November 21, 2007, 4:08 pm |
| NATting out | October 1, 2009, 2:37 am |
| NATting both ways | January 15, 2008, 1:15 pm |
| PIX 515e - Double NATting? | November 14, 2006, 6:29 pm |
| Cisco 2811 VPN NATting | May 24, 2007, 11:26 am |
| Static Natting Command | October 24, 2009, 12:56 pm |
| Natting Outside to Inside with Port Access | January 18, 2008, 6:30 am |
| vpn on 2811 with overlapping networks and all natting on one side | November 26, 2007, 10:24 am |
| NATting just a small range of addresses on ASA 5505 | July 9, 2009, 9:58 am |
| Another Question on the 877W | July 25, 2006, 6:35 am |
| Applying QOS on an 877W | February 17, 2007, 6:35 am |
| 877W and Be Broadband | September 19, 2007, 5:48 am |
| NAT type of Cisco 877W | November 26, 2005, 8:14 pm |
| Using IPv6 on a Cisco 877W | October 21, 2006, 10:52 am |
| Bridging with a Cisco 877W | December 21, 2006, 1:11 pm |
Natting the DMZ on an 877w
Yahoo!
Google
Windows Live
del.icio.us
digg
Netscape
> Cisco 877w with Advanced IP Services IOS and SDM 2.4.1. I need to
> setup a DMZ on this device but my question is should I NAT the
> addresses in the DMZ or use public ips? My plan is to make the DMZ a
> separate VLAN (actually HAVE to on the 877w since they don't really
> support a true DMZ) but by NATting the DMZ address space I have only
> the choice of a NAT "inside" or NAT "outside" via SDM. I am assuming
> that NATing them as "inside" just means that they are addresses that
> need to be translated, NOT that they are in an "inside" security zone
> like my main VLAN is.
> The ultimate goal is to have my Edge Transport server for Exchange
> 2007 in my DMZ and have the other Exchange services NATted to the
> "inside" or trusted network.
> Thanks
> Brad