ScreenOS Firewalls (NOT SRX)
Showing results for 
Search instead for 
Do you mean 
Posts: 33
Registered: ‎06-18-2008
0 Kudos
Accepted Solution

DMZ Configuration

Dear ,


            Recently I have configured Netscreen 50 as transparent mode in our network. Now we are in plan of implementing DMZ network to publish two public servers. Can anyone help me , how to configure DMZ with the Netscreen 50 as it is transparent?





Abdul Rahuman.M

Posts: 3
Registered: ‎06-01-2008
0 Kudos

Re: DMZ Configuration

transparent mode the v1-dmz same as v1-trust,use policy control the traffic flow.

Trusted Expert
Posts: 441
Registered: ‎07-08-2008
0 Kudos

Re: DMZ Configuration



I have attached a diagram that show how a transparent box would look like with a DMZ.


What you need to do is:


1) Set one of the spare interfaces to the v1-dmz zone


2) plug in a switch into the v1-dmz interface and the servers that need to be in the dmz into the switch.


3) Create policies from v1-untrust to v1-dmz to allow certain traffic into the dmz for instance http.


4) Becuase the firewall is in transparent mode it can't do and address translation, so if you network that your firewall on is an internal range eg. then you will need another device upstream from the firewall to do the address translation for you to change a public IP from your ISP to the IP address of the server in the DMZ.


Hope this information helps