Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1243
Views
0
Helpful
3
Replies

SRP527 - Firewall

Jose Ventura
Level 1
Level 1

‎04-27-2011 03:35 AM

Hi,

Here is the hardware:

     1 Cisco SRP527

     1 WWW Server

     1 SQL Server

Is it possible to configure cisco Firewall in order to have HTTP:80 from internet routed to the WWW Server, and than this WWW Server run some querys on the SQL Server which is in the Corporate Network?

I can do port forwarding or DMZ to the WWW Server, but with the SQL Server on the same subnet it shouldnt be correct, right?

Should WWW Server and SQL Server be on different subnets for security reasons?

Attached you can see what i want to do.

Many thanks in advance.

Ventura.

Labels:
Preview file
40 KB
0 Helpful
3 Replies 3

Andrew Hickman
Cisco Employee
Cisco Employee

‎04-27-2011 06:44 AM

Hi Jose,

Using port forwarding (rather than DMZ) should be ok. In this case, both servers reside on the same VLAN - only port 80 traffic is allowed through the firewall and is only passed to the IP address of the HTTP server.

Andy

0 Helpful

Jose Ventura
Level 1
Level 1
In response to Andrew Hickman

‎04-27-2011 08:40 AM

Hi Andrew,

Many thanks for your reply.

In that case, if i use port forwarding, both the WWW and the SQL Server have to be on the same network, right?

Isn't it a security issue?

Ventura.

0 Helpful

Andrew Hickman
Cisco Employee
Cisco Employee
In response to Jose Ventura

‎04-28-2011 08:22 AM

Provided that you trust the HTTP application on your WWW server, then there shouldn't be any problem.

Andy

0 Helpful
Customers Also Viewed These Support Documents