04-24-2017 03:47 AM - edited 03-12-2019 02:15 AM
Hello everyone,
I am new to SA I want to set up an ASA 5525 on a local network in there are VLANs (Vlan print vlan server vlan client vlan wifi Vlan DMZ )
I want how I can configure it and communicate the print and server vlan and client to each other
And for the DMZ it must be consulted in public and internally by vlan server and client
My architecture its :
for the internal vlan (they have the same physical interface " subinterfaces"):
Vlan 2 server (172.16.1.0/24)
Vlan 3 desktop (172.16.2.0/24)
Vlan 4 printer (172.16.3.0/24)
Vlan 2,3,4 some secrity level
and
Vlan 5 DMZ (172.16.4.0/24)
For the vlan DMZ it has a unique physical interface. I have an application web server in the zone DMZ which must communicate with a server in the vlan 2 for the replication MSSQL
thanks in advance
Solved! Go to Solution.
04-24-2017 04:36 AM
You should be able to set up 1 physical interface and break it into sub-interfaces for your internal networks. A good example of this is given here:
http://www.petenetlive.com/KB/Article/0001085
The DMZ can be a standalone interface as there is only 1 VLAN behind it.
Once they are broken up into sub-interfaces, each acts as its own interface with a security level and ip address etc. You can create ACL's to allow traffic from lower security level interfaces to higher ones. traffic from a Higher to lower security level should be allowed without the need to add ACL's.
04-24-2017 04:36 AM
You should be able to set up 1 physical interface and break it into sub-interfaces for your internal networks. A good example of this is given here:
http://www.petenetlive.com/KB/Article/0001085
The DMZ can be a standalone interface as there is only 1 VLAN behind it.
Once they are broken up into sub-interfaces, each acts as its own interface with a security level and ip address etc. You can create ACL's to allow traffic from lower security level interfaces to higher ones. traffic from a Higher to lower security level should be allowed without the need to add ACL's.
04-26-2017 12:31 AM
hello ,
thank you for reply :)
have you a doc step by step ( first setup and configuration of asa) and Firepower ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide