09-19-2008 08:15 AM - edited 02-21-2020 03:00 AM
i have ASA5520.its new installation.plz suggests.
my network have a two Mail Servers and one ISA Server.i have planned put my mail server to DMZ network and ISA server into my inside network.inside users connect internet via my ISA Server.the above plan is correct.otherwise plz suggest me to improve my network plan.
regs
S.Mohana sundaram
09-19-2008 07:05 PM
hi mohana
urs works but i suggest u to make the ASA the edge device with the internet
and the ISA will be behind the ASA and the DMZ will be the network between the ASA and ISA
like
lan--isa--mailserver---asa--internet
this if u want those servers to be accessable from internet as well
or u can make it like
lan--isa-----asa--internet
--
-- servers DMZ
or
the DMZ on the ASA if u want the internet users to access these servers
all works but becarefull with NATing and the packet filltering inbound and outbound
good luck
if helpful Rate
09-19-2008 08:31 PM
Hi
my nat statement
static (inside,outside) a.b.c.d 10.1.1.2 (ISA IP ) netmask 255.255.255.255
static (DMZ,outside) x.x.x.x 192.168.1.2 ( mail server 1) netmask 255.255.255.255
static (DMZ,outside) x.x.x.x 192.168.1.3 ( mail server 2)netmask 255.255.255.255
the above statement is correct or suggests me the correction
regs
S.Mohana sundaram
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide