Cisco Systems ASA 5500 Manual De Usuario
Chapter 6 Scenario: DMZ Configuration
Configuring the Security Appliance for a DMZ Deployment
6-10
Cisco ASA 5500 Series Adaptive Security Appliance Getting Started Guide
78-17611-01
g.
Click Add to add this range of IP addresses to the Address Pool.
The Add Global Pool dialog box configuration should be similar to the
following:
following:
h.
Click OK to return to the Configuration > NAT window.
Step 2
Add addresses to the IP pool to be used by the outside interface. These addresses
are used to translate private IP addresses so that inside clients can communicate
securely with clients on the Internet.
are used to translate private IP addresses so that inside clients can communicate
securely with clients on the Internet.
In this scenario, there are limited public IP addresses available. Use Port Address
Translation (PAT) so that many internal IP addresses can map to the same public
IP address, as follows:
Translation (PAT) so that many internal IP addresses can map to the same public
IP address, as follows:
a.
In the right pane of the NAT Configuration screen, click the Global Pools tab.
b.
Under the Global Pools tab, click Add.
The Add Global Pool Item dialog box appears.
c.
From the Interface drop-down list, choose Outside.
d.
Specify a Pool ID for the Outside interface.
You can add these addresses to the same IP pool that contains the address pool
used by the DMZ interface (in this scenario, the Pool ID is 200).
used by the DMZ interface (in this scenario, the Pool ID is 200).