Design Consideration for Vendor/DMZ network.

Unanswered Question
Apr 7th, 2008

Hello Fellow Net Pro's

I am currently working on a design that includes an extranet/vendor dmz network protected by a couple of ASA 5520's running ospf.

The inside interface of the router is part of area 0 while the dmz interface is part of area 20.

This dmz network will have various vendor routers advertising various routing protocols to the ASA's.

What is the best approach to setting up the proper advertisements from my internal network to the various vendors.

Lets assume all of the vendors have to see all of the same routes from my network.

What type of filters should I be applying, and what security precautions should I be looking out for. I also dont want to become some sort of transit area that starts advertising networks from one vendor to the other.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion