cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1326
Views
0
Helpful
5
Replies
Highlighted
Beginner

Route public ip-adresses to DMZ port

Hi

I have a customer thats got a Linksys router now, that has a DMZ port.

The DMZ port is configurede to it routes the extra public ip-adress to the DMZ port it has.

At the DMZ port they have another router connected, where they routes the public ip-adresses på some other devices.

How can i make this setup on a Cisco ASA 5505 (With the Security Plus licens)

The setup as it is now:

Some Linksys router
WAN IP: 12.23.45.56

Gate: 12.23.45.55

DMZ-Range: 12.23.45.57-65

What i have to do is to replace the Linksys router, and make it so, so it works like it was before with the Linksys.

Thanks for replays

-Simon

Everyone's tags (4)
5 REPLIES 5
Rising star

Route public ip-adresses to DMZ port

Hi Simon,

I am not sure what subnet mask do you have at the moment, because both WAN and DMZ should be in different ones. That said, if you could divide your public address space into two pieces(two segments with /28) you could place your ASA in that way:

lan

   |

   |

ASA----dmz(12.23.45.32/28)

   |

   |

wan(12.23.45.48/28)

I hope this make sense, at least this is the task I understood from the initial explanation :)

Cheers,

Ivan.

Beginner

Route public ip-adresses to DMZ port

Ok, but how do i make the config at the ASA?

Rising star

Route public ip-adresses to DMZ port

you mean 'how' ?

the first answer is the official doc at http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/config.html

also there are a lot of examples here - http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html

Does that answer your question, Simon?

HTH,

Ivan.

Beginner

Route public ip-adresses to DMZ port

Im sorry, but i dont know exactly looking for in the guides and examples.

Rising star

Route public ip-adresses to DMZ port

no worries,

first you'd need to get on track by learning how to configure an interface on ASA:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/intrface.html

then how to configure/apply an access-list, setup basic routing and implement NAT if needed. This is a bare minimum in my HO one should know upon initial interaction with ASA/PIX and perhaps with other FW'alls as well.

Second, this example might be helpful: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094ea2.shtml

And last, this example might shed a bit of light on how to incorporate a third segment to your existing setup:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806745b8.shtm

Let me know if you have any further questions,

Cheers,

Ivan.

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards