DMZ switch best practice

Unanswered Question
Aug 26th, 2008

I have two redundant ASA5520s and am planning to add a 3350 as the DMZ switch. I am looking for advice on the best way to accomplish this (best practice)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
branfarm1 Tue, 08/26/2008 - 11:50

If you're planning on having that switch only service DMZ servers, then I would put a link between each 5520 and the DMZ switch. I assume that you already have the failover setup configured on the other interfaces. Your hosts on the DMZ will need to point to the primary DMZ address for their default gateway.


This Discussion