Click Next, and a warning about launching SDM from an
outside interface appears, similar to the one shown in the Basic Firewall Con?¬?guration
Wizard (refer to Figure 6-6). Click OK to continue.
Figure 6-11 Advanced Firewall Interface Con?¬?guration
If you have selected an interface as a DMZ interface, you are shown the Advanced Firewall
DMZ Service Con?¬?guration window, as shown in Figure 6-12. In this window, you can
de?¬?ne DMZ services that are accessible from the outside network, such as mail, FTP, and
VPN. Click Add to de?¬?ne a DMZ service.
152 Con?¬?guring an Advanced Firewall Using SDM
Figure 6-12 Advanced Firewall DMZ Service Con?¬?guration
Figure 6-13 shows the DMZ Service Con?¬?guration dialog box. Enter the IP address of
the server, followed by the service port number or well-known name. Clicking the ellipsis
button opens the Service Menu where you can select the service from a list of well-known
services. If you open this menu, click OK to return to the DMZ Service Con?¬?guration
dialog box. After you have entered in all of the DMZ services required, click Next to
continue.
Con?¬?guring an Advanced Firewall Using SDM 153
Figure 6-13 DMZ Service Con?¬?guration and Service Dialog Boxes
The next item to con?¬?gure is the inspection granularity for services that are running in the
DMZ.
Pages:
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135