Now, let's set up a DMZ network through static routes, a DMZ network is basically the external traffic receiver, separate from the internal network. As a result, potential external threats will not affect the private network.

  In Project / Network / Network Topology create a new network by clicking in Create Network, then add the network name, keep the Create Subnet and Enable Administrative State options enabled and click in Next: 

  Add the subnet name, IP address, and gateway, then click in Next, then click in Create:

  In Project / Network / Network Topology click in Create Router, add the name for the router, keep the external network empty, and click in Create Router again.

   In Project / Network / Routers, click in the router you just created, then on the Interfaces tab, click in Add Interface, choose the subnet, add the corresponding IP address and click in Submit:

  Click again on Add Interface,choose the subnet-dmz and click in Submit:

  Now, in Project / Compute / Instances, create a one instance by following these creation steps:

  Note: If you do not know the processes of creating an instance, see the post How to create instances in BCOS?.

   Access the created instance console (VM05) and ping the external network:

   Note that you cannot access because the network does not have a route to the internet. You must then create static routes to allow access.

   So, in Project / Network / Routers click in router-production, then on the Static Routes tab, click in Add Static Routes, add the corresponding IPs and click in Submit:

   In Project / Network / Routers click in router-dmz.

   On the Static Routes tab, click in Add Static Routes, then add matching IPs, click in Submit:

  Retest the internet ping from the VM05:

 Note that with static routes internet access is enabled.

 Access the next post How to upload images in BCOS? to learn how to add custom images to the environment.