routing on ASA 5520 or PIX 525

ebreverman · ‎05-06-2008

I am trying to understand the ASA 5520 and the PIX 525 firewalls. If I have two or more networks physically attached to the firewall ports will I be do routing with OSPF between them? Would I configure this the same way through the IOS as if I were working on a router? Thanks for your help. I am just trying to understand if I will need a router and a firewall or if I can get away with only using the firewall.

JORGE RODRIGUEZ · ‎05-06-2008

You can run OSPF on the inside interface, and adverize your other physical interfaces in that ospf process , for example, if you have inside interface under OSPF and you have DMZ1, DMZ2 networks simply advertize them in the ospf process, thats prety much it.

It is the same principle on the PIX/ASA as in IOS, create the ospf process and advertize the networks you want to advertize under the process.

HTH

-Jorge

Jorge Rodriguez

arabinda.sukla · ‎05-06-2008

Hi,

Till the time all the networks are connected to the same Firewall interfaces, the firewall woujld assume them as directly connected to network. No routing required for communicating among the machines placed behind different interfaces of the firewall. Just take care of the ACL and NAT/PAT.

Thanks