What is DMZ

kashyap1977 · ‎06-06-2004

What is DMZ and why we need to configure???

What devices we need to configure DMZ.

In which scenario we need it....

Kindly advise.

Georg Pauwen · ‎06-06-2004

Hello,

a demilitarized zone is usually a small subnet or a single computer that sits between a trusted internal network, such as a corporate private LAN, and an untrusted external network, such as the public Internet.

Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP ) servers, FTP servers, SMTP (e-mail) servers and DNS servers.

The devices used in a DMZ can be anything, routers, firewalls, switches.

Usually you would set up a DMZ if you want external (that is, external to your network) users to access certain resources, but if you do not want these users to access your internal network.

The term actually comes from military use, meaning a buffer area between two enemies.

HTH,

Georg

kashyap1977 · ‎06-07-2004

hi georg

we have DMZ setup, which contain devices like pix fw for internet, and one 2950 switch & one internet router..so how it all works....some scenario...

how this can be all configured??? do we need to assign some range of private IP..

kindly suggest.

jamey · ‎06-08-2004

Here's a URL that shows a PIX configured with a DMZ that has a mail server on it:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008015efa9.shtml

You can use private IPs for the DMZ (see the above example).

If for example you had a web server that you wanted to be accessed from the Internet, you'd have something like this:

Internet Cloud

|

Internet Router

|

(External Interface)

|

PIX-(DMZ Interface)----2950----web server

|

(Internal Interface)

|

Internal network