salwayasalam
Level 1

Hi :)
I want to configure an ASA in multiple context mode, and I want to create 2 virtual firewalls, one for client A and the other for client B.

Diagram:  internet____212.217.2.0_______router_.1____212.217.1.0________.2_asa1----dmz(10.10.10.0),network(192.168.10.0)
|                                                         .3_asa2----dmz(20.20.20.0),network(192.168.20.0)

I've tried, but sadly it doesn't work :'( Can you please tell me what seems to be the problem?
And another question :$ I want to know how to install ASDM and how to configure it on my ASA.

My config is:
mode multiple
int g 0/0.1
vlan  10
no shut
exit
int g 0/0.2
vlan 20
no shut
exit
int  g 0/1.1
vlan 100
no shut
exit
int g 0/1.2
vlan 200
no  shut
exit
int g 0/1.3
vlan 300
no shut
exit
int g  0/1.4
vlan 100
no shut
exit
context asa1
description  context pour clientA
allocate-int g0/0.1 outsidecontext
allocate-int  g0/1.1 insidecontext
allocate-int g0/1.3 dmz
context asa2
description  context pour clientB
allocate-int g0/0.2 outsidecontext
allocate-int  g0/1.2 insidecontext
allocate-int g0/1.4 dmz
route outside 0 0 212.217.1
########client A
int  g0/0.1
nameif outside
sec 0
ip add 212.217.1.2 255.255.255.0
no  shut
int g0/1.1
nameif intside
sec 100
ip add 192.168.10.1   255.255.255.0
no shut
int g0/0.1
nameif dmz
sec 50
ip  add 10.10.10.1 255.255.255.0
no shut
nat (inside) 1 192.168.10.0  255.255.255.0
nat (dmz) 1 10.10.10.0 255.255.255.0
global(outside)  1 212.217.1.10-212.217.1.100 net 255.255.255.0
global(dmz)  10.10.10.10-10.10.10.40 net 255.255.255.0
access-list inbound permit  icmp any any echo
access-list inbound permit icmp any any echo-replay
access-list  dmz permit tcp any host 10.10.10.50 eq 80
access-group inbound in  interface outside
access-group dmz in interface dmz
########client  B
int g0/0.2
nameif outside
sec 0
ip add 212.217.1.3  255.255.255.0
no shut
int g0/1.2
nameif intside
sec 100
ip  add 192.168.20.1  255.255.255.0
no shut
int g0/1.4
nameif dmz
sec  50
ip add 20.20.20.1 255.255.255.0
no shut
nat (inside) 1  192.168.20.0 255.255.255.0
nat (dmz) 1 20.20.20.0 255.255.255.0
global(outside)  1 212.217.1.110-212.217.1.1200 net 255.255.255.0
global(dmz)  20.20.20.10-20.20.20.40 net 255.255.255.0
access-list inbound permit  icmp any any echo
access-list inbound permit icmp any any echo-replay
access-list  dmz permit tcp any host 20.20.20.50 eq 80
access-group inbound in  interface outside
access-group dmz in interface dmz

route outside 0 0 212.217.1
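
A consistency check for a context configuration like the one posted above, added here as an example (it is not code from the post or from Cisco). The function name `lint_context` and its three checks are assumptions of this example: it flags an interface configured twice, `nat`/`global`/`route`/`access-group` references to a name that no `nameif` defines, and dotted addresses that are not valid IPv4.

```python
import ipaddress
import re

# Excerpt of the client A context configuration from the post, copied as posted
# (sec, no shut and access-list lines left out to keep the sample short).
CLIENT_A = """\
int g0/0.1
nameif outside
ip add 212.217.1.2 255.255.255.0
int g0/1.1
nameif intside
ip add 192.168.10.1 255.255.255.0
int g0/0.1
nameif dmz
ip add 10.10.10.1 255.255.255.0
nat (inside) 1 192.168.10.0 255.255.255.0
nat (dmz) 1 10.10.10.0 255.255.255.0
global(outside) 1 212.217.1.10-212.217.1.100 net 255.255.255.0
access-group inbound in interface outside
route outside 0 0 212.217.1
"""

def lint_context(config):
    """Return a list of (line_no, message) findings for one context's config."""
    findings, names, seen_ifaces = [], set(), {}
    lines = [" ".join(l.split()) for l in config.splitlines()]
    # Pass 1: collect interface blocks and the names that nameif defines.
    for no, line in enumerate(lines, 1):
        if m := re.match(r"int(?:erface)? (\S+)$", line):
            iface = m.group(1)
            if iface in seen_ifaces:
                findings.append((no, f"{iface} already configured at line {seen_ifaces[iface]}"))
            seen_ifaces.setdefault(iface, no)
        elif m := re.match(r"nameif (\S+)$", line):
            names.add(m.group(1))
    # Pass 2: check every interface-name reference and every dotted address.
    for no, line in enumerate(lines, 1):
        refs = re.findall(r"^(?:nat|global) ?\((\w+)\)|^route (\w+)|interface (\w+)$", line)
        for name in (n for ref in refs for n in ref if n):
            if name not in names:
                findings.append((no, f"name '{name}' is not defined by any nameif"))
        for token in re.findall(r"(?<![\w/.])\d+(?:\.\d+)+", line):
            try:
                ipaddress.IPv4Address(token)
            except ValueError:
                findings.append((no, f"'{token}' is not a valid IPv4 address"))
    return findings
```

Calling `lint_context(CLIENT_A)` returns findings for lines 7, 10 and 14 of the excerpt.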
