ASA 5520

Unanswered Question
Sep 19th, 2008
User Badges:

i have ASA5520.its new installation.plz suggests.

my network have a two Mail Servers and one ISA Server.i have planned put my mail server to DMZ network and ISA server into my inside network.inside users connect internet via my ISA Server.the above plan is correct.otherwise plz suggest me to improve my network plan.


S.Mohana sundaram

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Fri, 09/19/2008 - 19:05
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

hi mohana

urs works but i suggest u to make the ASA the edge device with the internet

and the ISA will be behind the ASA and the DMZ will be the network between the ASA and ISA



this if u want those servers to be accessable from internet as well

or u can make it like



-- servers DMZ


the DMZ on the ASA if u want the internet users to access these servers

all works but becarefull with NATing and the packet filltering inbound and outbound

good luck

if helpful Rate

smohanasundaram Fri, 09/19/2008 - 20:31
User Badges:


my nat statement

static (inside,outside) a.b.c.d (ISA IP ) netmask

static (DMZ,outside) x.x.x.x ( mail server 1) netmask

static (DMZ,outside) x.x.x.x ( mail server 2)netmask

the above statement is correct or suggests me the correction


S.Mohana sundaram


This Discussion