06-21-2007 07:28 AM
Is there any reason the following configuration would not work. I would like to create 2 vlans on a css and connect each to 2 interfaces on an ASA. Then connect 2 servers into the 2 vlans on the css. The 2 servers should not be able to talk to eachother except through the firewall. It seems like a simple set up but no one ever suggests it, they always suggest a one armed topology?
-ASA-
int e1
ip addr 192.168.100.1
nameif inside
int e2
ip addr 192.168.200.1
nameif dmz
-CSS-
int e1
bridge vlan 100
int e2
bridge vlan 200
-Servers-
Server 1 = 192.168.100.x
Server 2 = 192.168.200.x
06-21-2007 10:01 AM
Anybody? This should be an easy one for you guys. Is there enough information?
I am trying to avoid having to do a one armed configuration. I have a server which cannot be located on the same subnet as the other servers on the css. I need this server to be located on the inside of the firewall, not on the dmz where the css resides.
06-22-2007 07:56 AM
Is this just a stupid question or what?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide