NAT, DMZ, port maps

bighornsheepbighornsheep Member Posts: 1,506
When running NAT, and you set a DMZ on say
but have port maps to

They are independent right? Port maps have a higher priority than DMZ?
Jack of all trades, master of none


  • Options
    hankooknarahankooknara Inactive Imported Users Posts: 24 ■□□□□□□□□□
    is this related to CCNA question?

    I am not trying to pick on anybody.. just trying to prepare for ccna exam and trying to know all the related topics on this ccna forum and saw this.

    Did a search on my ccna materials but did not see any related topic to DMZ.
    I know we are trying to learn as much as we can but I am trying to stay within the course to learn the right stuff for ccna.

    Can someone tell me if this is exam objectives?(please do not flame me.. not a attempt to argue.. just trying to learn the right objectives)
  • Options
    jbkmjbkm Member Posts: 55 ■■□□□□□□□□
    i test on monday and im pretty sure this is not CCNA testable. if it is them im probobly screwed! :D

    Maybe he ment to toss this under the CCNP section.
  • Options
    Danman32Danman32 Member Posts: 1,243
    DMZ is a designation of the intended use of a network. DMZ = Demilitarized zone. It refers to a network with some security, but probably as secure as the internal network, but certainly separate from it, usually for the purposes of securing resources that will be routinely accessed from an unsecured network, such as the internet. This is where you would place a public web server, SMTP server, public DNS server, etc. Often it is NATed, but it doesn't have to be. There would be a firewall though between the DMZ and the unsecured network, but it could be as simple as port filtering on a router only allowing the required ports through to the hosts on the DMZ, with the DMZ hosts having internet addressable IPs, thus not requiring NAT.

    DMZ is usually dealt with in exams, certs and courses dealing more with security than general routing.
  • Options
    bighornsheepbighornsheep Member Posts: 1,506
    I figured it out. DMZ is indeed independent from port maps.

    I'm trying to set a win2k3 box as the public server with HTTP, FTP services. But use RDP for my client machine, so I had to map the port to another ip.

    Thanks for the explanation though.

    Jack of all trades, master of none
Sign In or Register to comment.