Hi,Yes the campaigns would be

Jim Kerr · ‎07-27-2015

Hi

I am currently using an ASA5550 running in Multiple Context mode and using it as an internet firewall.

We have a number of campaigns that are handled by separate Contexts within the Firewall.

Unfortunately the external IP range provided by my ISP is now fully used with no available addresses. However I need to provide additional inbound internet connectivity for a brand new campaign we will be running.

My ISP won't provide any further external address ranges for us to use and I am trying to work out if any of our existing external addresses can be also used for my new campaign (as well as continuing to serve existing connectivity for another campaign).

Again, I plan on creating a new Context on the firewall for the new campaign, however I don't want our new traffic being processed by the existing context only by our new one.

Any ideas ?

thanks

Karsten Iwen · ‎07-27-2015

Without extra public addresses, I don't see any elegant solution to solve that. But perhaps some of the not so elegant ways will work for you.

When you talk about campaigns, are these Websites? If yes, what about:

putting a reverse-proxy in one of the contexts where all your Web-requestst are terminated.
The reverse-proxy sends these requests to the servers in the relevant context.

With that, your non-proxy contexts don't even need a public IP, you could even use private addresses here. Now it will scale indefinitely.

Jim Kerr · ‎07-28-2015

Hi,

Yes the campaigns would be individual webservers.

thanks for your response.

No more external addresses !