ASA 5520

Unanswered Question
Sep 19th, 2008
User Badges:

i have ASA5520.its new installation.plz suggests.


my network have a two Mail Servers and one ISA Server.i have planned put my mail server to DMZ network and ISA server into my inside network.inside users connect internet via my ISA Server.the above plan is correct.otherwise plz suggest me to improve my network plan.


regs


S.Mohana sundaram

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Marwan ALshawi Fri, 09/19/2008 - 19:05
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

hi mohana


urs works but i suggest u to make the ASA the edge device with the internet

and the ISA will be behind the ASA and the DMZ will be the network between the ASA and ISA

like


lan--isa--mailserver---asa--internet


this if u want those servers to be accessable from internet as well


or u can make it like


lan--isa-----asa--internet

--

-- servers DMZ


or


the DMZ on the ASA if u want the internet users to access these servers


all works but becarefull with NATing and the packet filltering inbound and outbound


good luck


if helpful Rate



smohanasundaram Fri, 09/19/2008 - 20:31
User Badges:

Hi

my nat statement


static (inside,outside) a.b.c.d 10.1.1.2 (ISA IP ) netmask 255.255.255.255

static (DMZ,outside) x.x.x.x 192.168.1.2 ( mail server 1) netmask 255.255.255.255

static (DMZ,outside) x.x.x.x 192.168.1.3 ( mail server 2)netmask 255.255.255.255


the above statement is correct or suggests me the correction


regs


S.Mohana sundaram


Actions

This Discussion