ASA 5510 Content.

psaravanan · ‎02-10-2011

Hi friends,

I need some clarification on the below setup.

Is it possible to use Dept firewall as a routed firewall or Multiple content based firewall.

because I need to segregate the dept from the above core switch.

Pls send your suggestions.

Thanks in advance.

Federico Coto Fajardo · ‎02-10-2011

Hi,

I don't see your setup included.

If you have an ASA (other than 5505) you can either use it routed/transparent or multiple/single mode.

Federico.

psaravanan · ‎02-10-2011

Hi Federico,

Sorry ya, I missed the setup diagram in the previous msg.

I have two number ASA 5510 Security Plus firewal.

I wish to utilise full feature of the security plus license for this setup.

Please send ur suggestions.

Federico Coto Fajardo · ‎02-10-2011

I would use those ASAs in single mode and in routed mode.

Is there any special reason why to want them in multiple context mode or transparent?

If you set the ASA to multiple context you lose functionality as VPN for example.

In transparent mode there's no VPN as well as well as other limitations.

In other words, if there's no special reason as to why to change the operating mode of the ASA, I'll suggest to keep them in single/routed mode.

Federico.

psaravanan · ‎02-10-2011

Hi Federico,

Thanks for your reply,

I don't use VPN, Dynamic routing and multicast in the Dept firewall.

I have some questions in below:

If i use Multiple content mode in the firewall, it will affect performance of the CPU or not.

because i have access rule around 60 lines.

If i use multiple content, then i can totally segregated the two networks connected to the Dept firewall.

One is Internet link to Dept and another one is Dept to Dept segregation.

Pls send ur suggestion.

thanks,

Saravanan.