09-26-2011 11:21 AM - edited 03-04-2019 01:44 PM
Hi
I have a customer thats got a Linksys router now, that has a DMZ port.
The DMZ port is configurede to it routes the extra public ip-adress to the DMZ port it has.
At the DMZ port they have another router connected, where they routes the public ip-adresses på some other devices.
How can i make this setup on a Cisco ASA 5505 (With the Security Plus licens)
The setup as it is now:
Some Linksys router
WAN IP: 12.23.45.56
Gate: 12.23.45.55
DMZ-Range: 12.23.45.57-65
What i have to do is to replace the Linksys router, and make it so, so it works like it was before with the Linksys.
Thanks for replays
-Simon
09-26-2011 11:41 AM
Hi Simon,
I am not sure what subnet mask do you have at the moment, because both WAN and DMZ should be in different ones. That said, if you could divide your public address space into two pieces(two segments with /28) you could place your ASA in that way:
lan
|
|
ASA----dmz(12.23.45.32/28)
|
|
wan(12.23.45.48/28)
I hope this make sense, at least this is the task I understood from the initial explanation :)
Cheers,
Ivan.
09-26-2011 11:43 AM
Ok, but how do i make the config at the ASA?
09-26-2011 11:47 AM
you mean 'how' ?
the first answer is the official doc at http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/config.html
also there are a lot of examples here - http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html
Does that answer your question, Simon?
HTH,
Ivan.
09-26-2011 11:54 AM
Im sorry, but i dont know exactly looking for in the guides and examples.
09-26-2011 12:06 PM
no worries,
first you'd need to get on track by learning how to configure an interface on ASA:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/intrface.html
then how to configure/apply an access-list, setup basic routing and implement NAT if needed. This is a bare minimum in my HO one should know upon initial interaction with ASA/PIX and perhaps with other FW'alls as well.
Second, this example might be helpful: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094ea2.shtml
And last, this example might shed a bit of light on how to incorporate a third segment to your existing setup:
Let me know if you have any further questions,
Cheers,
Ivan.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide