cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
491
Views
0
Helpful
6
Replies

ASA 5510 DMZ setup

dshrestha
Level 1
Level 1

I tried to make ASA 5510 work as it mentioned in the Getting Started Guide that came with the ASA appliance. It is a basic DMZ scenario where I have a web server running on 10.30.30.30 and outside interface on ASA is 209.165.200.225. I followed all the steps mentioned in the guide. For step 1, I configured IP pools for Network Translation, For step 2, I configured Address Translations on Private Networks. For Step 3, I defined external identity of the web server that is 209.165.200.225. And for step 4 , I provided http access to the web server.

The problem is when I connect a pc on a outside network, I was not able to access the web server. I could ping web server (10.30.30.30) from ASA but not from a pc that is connected to outside interface. Is it a routing problem? Do I need to do something else?

6 Replies 6

pblack
Level 1
Level 1

What does the access-list on the outside intferface have in it?

Before I set up DMZ, I should be able to communicate from inside interface to outside interface and vice versa. My outside interface is on 209.165.200.0 and inside interface is 10.10.10.0 network.

Also from the documentation, I should see two vlan, one for inside and one for outside. But when I did

ciscoasa# sh vlan

I don't see any vlan.

Thanks.

You won't see any vlan information for the inside and outside unless you assign a vlan to these interfaces.

don't assign vlans unless they are plugged into dot1q ports. if you dont' know what this means, you probably shouldn't do anything.

Thanks, but what are the commands that will assign vlan to ASA ports and show vlan information. This is for future reference.

Before implementing VLANs, you need to understand the licenses required for this

interface gig x

vlan x

nameif outside

security-level 0

ip address xx.xx.xx.xx

no shut

interface gig y

vlan y

nameif inside

security-level 100

ip add yy.yy.yy.yy

no shut

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: