![background image](http://html.mh-extra.com/html/cisco/5510-asa-ssl-ipsec-vpn-edition/5510-asa-ssl-ipsec-vpn-edition_getting-started-manual_64653086.webp)
Chapter 8 Scenario: DMZ Configuration
Example DMZ Network Topology
8-4
Cisco ASA 5500 Series Getting Started Guide
78-19186-01
When an inside user requests an HTTP page from a web server on the Internet,
data moves through the adaptive security appliance as follows:
1.
The user on the inside network requests a web page from www.example.com.
2.
The adaptive security appliance receives the packet and, because it is a new
session, verifies that the packet is allowed.
3.
The adaptive security appliance performs Network Address Translation
(NAT) to translate the local source address (192.168.1.2) to the public address
of the outside interface (209.165.200.225).
4.
The adaptive security appliance records that a session is established and
forwards the packet from the outside interface.
5.
When www.example.com responds to the request, the packet goes through the
adaptive security appliance using the established session.
6.
The adaptive security appliance uses NAT to translate the public destination
(209.165.200.225) address to the local user address, 192.168.1.2.
7.
The adaptive security appliance forwards the packet to the inside user.
An Internet User Visits the DMZ Web Server
Figure 8-3
shows the traffic flow through the adaptive security appliance when a
user on the Internet requests a web page from the DMZ web server.
Содержание 5510 - ASA SSL / IPsec VPN Edition
Страница 10: ...Contents x Cisco ASA 5500 Series Getting Started Guide 78 19186 01 ...
Страница 42: ...Chapter 3 Installing the ASA 5550 What to Do Next 3 20 Cisco ASA 5500 Series Getting Started Guide 78 19186 01 ...
Страница 106: ...Chapter 8 Scenario DMZ Configuration What to Do Next 8 24 Cisco ASA 5500 Series Getting Started Guide 78 19186 01 ...
Страница 182: ...Chapter 13 Configuring the AIP SSM What to Do Next 13 16 Cisco ASA 5500 Series Getting Started Guide 78 19186 01 ...