cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1576
Views
4
Helpful
4
Replies

Cisco ASA 5505 50-user bundle or Cisco ASA 5505 Security Plus bundle

Hi,

I have a question about Cisco ASA 5505 firewall.

We need 3 interfaces on the firewall ,  "inbound", "outbound" and "DMZ" ,  to control traffic between these zones.   

Can we do this with  Cisco ASA 5505 50-user bundle , or do we need  to purchase Cisco ASA 5505 Security Plus bundle to get the DMZ zone  working  

Best regards,

Pertti

4 REPLIES 4
Highlighted
Cisco Employee

Cisco ASA 5505 50-user bundle or Cisco ASA 5505 Security Plus bu

Yes you can do that with ASA 5505 (base license), you don't need the security plus license for 3 interfaces.

However, one of the interface (eg: dmz) can't initiate a connection to the inside zone (only to the internet).

Here is a diagram representation for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/intrface.html#wp1099376

In the diagram, business would be your inside interface, and home would be your dmz interface. Business/inside can initiate connection to both internet/outside and home/dmz. However, home/dmz can only initiate connection to internet/outside, not business/inside.

Hope that answers your question.

Highlighted

Cisco ASA 5505 50-user bundle or Cisco ASA 5505 Security Plus bu

Thanks Jennifer, your answer is great,

It brings up also an important thing concerning the traffic we need to implement between DMZ (home) amd Inside networks:

we have a e.g server in DMZ (home) zone that needs to make queries from a database on a server located in Inside zone, and deliver the queries ouside to the Internet (through outbound).

For this reason we would need the Security Plus licence anyway, If understood right ?

Best regards,

Pertti

Highlighted

Cisco ASA 5505 50-user bundle or Cisco ASA 5505 Security Plus bu

Hello Pertti,

You are right. If you want the communication from DMZ back to inside, yes you do need a sec plus license

regards

Harish.

Highlighted

Cisco ASA 5505 50-user bundle or Cisco ASA 5505 Security Plus bu

Hello Harish,

thanks for the confirmation.

Best regards.

Pertti