• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 364
  • Last Modified:

Basic setup of DMZ (IP address allocations to different components)

I want to setup a DMZ for the first time using ISA 2004 for a webserver. It will be a trihomed DMZ and what I need help with is the IP address allocations.
Say we have been assigned the following public IP address block - /
Now the routers Ip address is
On the internet side, the firewall's NIC will be
Then do I make the IP of the NIC on the DMZ side and then the Webserver in the DMZ will have the IP
The firewall NIC on the LAN side will have the IP and every other Server/PC on the LAN will follow in this range (

So my main question is, is this break down correct or should the IP address allocations for the DMZ part be different, and if different what should it be for the DMZ and the Webserver.

Much appreciate the help
1 Solution
For a tri-homed dmz your exactly correct. Your DMZ is public, therefore it the firewall's DMZ NIC and all machines in the DMZ will utilize external IP addresses within your provided range. Your correct with all your statements.

Here is a good link that explains it for ISA "Tri-homed" section is of interest to you.

Hope it helps

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now