Our DMZ port on our ASA is configured more as an external/Internet facing interface. It is configured with a non-routable IP subnet 172.20.2.0/29)that's configured to route specific traffic to a set of VPN routers (non company owned). Using a couple of small switches, this same port is attached to an ISP - currently not used to route Internet traffic to/from the corporate network.
I need to be able to place an FTP host into this DMZ setup- with one NIC attached to the DMZ subnet and one NIC attached to the ISP subnet. This will allow me to control access for FTP 'PUTS' from the internal network as well as allow external FTP 'GETS' from the Internet.
Is this routing possible given this setup?