DMZ and WAN interface
notgoing2fail
Member Posts: 1,138
in CCNA & CCENT
Couple of questions...
1) Are ethernet ports the only ports that can be associated with DMZ? When playing around with my SDM, I noticed that it would not allow me to use my serial ports as a DMZ port.
2) If you only have two interfaces, inside and outside. Can you create a VLAN on the inside interface, give it an SVI and call that the "virtual" DMZ?
In my eyes, DMZ is nothing more than a separate network, so can you just apply your "dmz" rules/policies to a VLAN instead?
If DMZ is more than just a separate network, please let me know fundamentally where I am wrong on this.
3) Can you have more than 1 DMZ port? And if so, is there a limit and is that even proper design to have multiple DMZ ports no matter how large scale the network is?
1) Are ethernet ports the only ports that can be associated with DMZ? When playing around with my SDM, I noticed that it would not allow me to use my serial ports as a DMZ port.
2) If you only have two interfaces, inside and outside. Can you create a VLAN on the inside interface, give it an SVI and call that the "virtual" DMZ?
In my eyes, DMZ is nothing more than a separate network, so can you just apply your "dmz" rules/policies to a VLAN instead?
If DMZ is more than just a separate network, please let me know fundamentally where I am wrong on this.
3) Can you have more than 1 DMZ port? And if so, is there a limit and is that even proper design to have multiple DMZ ports no matter how large scale the network is?