How to DMZ in Cisco ASA 5520?

Posted on 2007-10-17
Medium Priority
Last Modified: 2013-11-16
What is a DMZ. We are upgrading our Router to a Cisco ASA 5520. The mail server and the FTP server are in a DMZ. I would like to know how to setup a DMZ. Do you setup  a DMZ by telling the router that one of the ports on the router is a DMZ or do you setup a DMZ based on the server address behind the firewall. Whats the difference of just putting the servers behind the ISPs router than the ASA 5520.

Thank you,
Question by:netcomp
  • 3
LVL 58

Accepted Solution

Pete Long earned 2000 total points
ID: 20099216
Firstly a 5505 is NOT a router its a statefull firewall :) though it can provide routing functionality

>>Do you setup  a DMZ by telling the router that one of the ports on the router is a DMZ

Yes you set a particular interface as the DMZ port - give it a sensible name like DMZ and a security number (like 50 - so its less than the outside interface=100 and more than the inside interface=0) then you allow traffic from the DMZ to either the outside world or the "inside" network as required.

mail server in the DMZ how to set up

As for FTP the config is the same but you allow FTP as well as smtp :)


Author Comment

ID: 20108133
Ok thanks for the link, I read up the link and I am not clear. Can someone give me the sample commands and tell me how it works.
LVL 58

Expert Comment

by:Pete Long
ID: 20108567
What IP addresses do you want to use?
LVL 58

Expert Comment

by:Pete Long
ID: 22974028

Featured Post

Big Data Means Big Business

In data-dependent industries like IT, finance, and healthcare, there’s a growing demand for qualified analysts to fill leadership roles. WGU’s MS in Data Analytics has IT certifications from Oracle and SAS built into its curriculum at a flat fee that could save you money.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question