Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
336
Views
0
Helpful
1
Replies

Needing to create a DMZ zone/vlan on a small ASA.

kscottwoody
Level 1
Level 1

‎03-20-2015 12:00 PM - edited ‎03-11-2019 10:40 PM

Hopefully an easy question as this is not my forte.

I have an a small ASA-5505 running 8.2(2).

I have 2 vlans

inside 192.168.58.0/24 – security level 25

outside 25.65.25.134/30 – security level 0

 

I want to create a small DMZ with the public range I was given, a /29 block that is being forwarded to me. 

How do I setup a DMZ zone to account for this block when I am connecting over a /30 network.

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎03-20-2015 01:31 PM

Your ISP should have a route for that new subnet pointing to the outside interface of your ASA.

So you can then either allocate the public IPs to the actual machines in which case you need one IP for the DMZ interface on the ASA or you can give your DMZ machines private IPs and just use the new IPs in your NAT statements on the ASA.

Up to but you don't need to assign any IP from the new block to an actual interface if you don't want to.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card