Cisco ASA - Combination of PUBLIC and LOCAL IP within one ASA 5510.
We configured ASA5510 like this:
Int0 – outside connected to modem
Int1 – inside connected to internal switch
IP Route is managed by configuring PPPOE within ASA
Our inside has IP 18.104.22.168/29
Our outside has IP 22.214.171.124
Obviously, we could use any of the static public IP addresses within the /29 range connected to internal interface int1, which are all considered behind the firewall, and we could manage to open ports or services to any of them. (e.g. if we connect an application mail server to one static IP facing the inside network like 126.96.36.199, we could manage to open SMTP ports in/out and/or SSH to a trusted IP)
What we need now is to have another range of internal IP addresses (i.e. class C like 10.10.10.1/24) on a 3rd interface of the ASA (int2) and have them routed to one of the public IPs within int1 (inside).
For instance, we want to have 10.10.10.1/24 routed to 188.8.131.52 and also have an opportunity to apply firewall rules and NATing from external to internal (i.e. assume we set a web server on IP 10.10.10.195, we would like to open ports HTTP and HTTPS to the public while the external IP would be 184.108.40.206)
Clearly this is possible by adding another router, but we want to use the same ASA5510 for both of these requirements.
If anyone has done this before or has some solution, we would appreciate the help and feedback.