Natting the DMZ on an 877w

Discussion in 'Cisco' started by Brad, Nov 21, 2007.

  1. Brad

    Brad Guest

    Scenario

    Cisco 877w with Advanced IP Services IOS and SDM 2.4.1. I need to
    setup a DMZ on this device but my question is should I NAT the
    addresses in the DMZ or use public ips? My plan is to make the DMZ a
    separate VLAN (actually HAVE to on the 877w since they don't really
    support a true DMZ) but by NATting the DMZ address space I have only
    the choice of a NAT "inside" or NAT "outside" via SDM. I am assuming
    that NATing them as "inside" just means that they are addresses that
    need to be translated, NOT that they are in an "inside" security zone
    like my main VLAN is.

    The ultimate goal is to have my Edge Transport server for Exchange
    2007 in my DMZ and have the other Exchange services NATted to the
    "inside" or trusted network.

    Thanks

    Brad
    Brad, Nov 21, 2007
    #1
    1. Advertising

  2. Brad

    Park City Guest

    On Nov 21, 2:08 pm, Brad <> wrote:
    > Scenario
    >
    > Cisco 877w with Advanced IP Services IOS and SDM 2.4.1. I need to
    > setup a DMZ on this device but my question is should I NAT the
    > addresses in the DMZ or use public ips? My plan is to make the DMZ a
    > separate VLAN (actually HAVE to on the 877w since they don't really
    > support a true DMZ) but by NATting the DMZ address space I have only
    > the choice of a NAT "inside" or NAT "outside" via SDM. I am assuming
    > that NATing them as "inside" just means that they are addresses that
    > need to be translated, NOT that they are in an "inside" security zone
    > like my main VLAN is.
    >
    > The ultimate goal is to have my Edge Transport server for Exchange
    > 2007 in my DMZ and have the other Exchange services NATted to the
    > "inside" or trusted network.
    >
    > Thanks
    >
    > Brad


    Come on.....no one has an any advice on this one...please?
    Park City, Nov 27, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. manu
    Replies:
    0
    Views:
    468
  2. JohnC
    Replies:
    9
    Views:
    828
    Walter Roberson
    Dec 7, 2004
  3. Network-Guy

    Cisco PIX DMZ to DMZ Access

    Network-Guy, Sep 23, 2005, in forum: Cisco
    Replies:
    7
    Views:
    3,863
    Walter Roberson
    Sep 25, 2005
  4. morten
    Replies:
    4
    Views:
    1,170
    Tilman Schmidt
    Sep 4, 2007
  5. Jack
    Replies:
    0
    Views:
    652
Loading...

Share This Page