ASA 5520

smohanasundaram · ‎09-19-2008

i have ASA5520.its new installation.plz suggests.

my network have a two Mail Servers and one ISA Server.i have planned put my mail server to DMZ network and ISA server into my inside network.inside users connect internet via my ISA Server.the above plan is correct.otherwise plz suggest me to improve my network plan.

regs

S.Mohana sundaram

Marwan ALshawi · ‎09-19-2008

hi mohana

urs works but i suggest u to make the ASA the edge device with the internet

and the ISA will be behind the ASA and the DMZ will be the network between the ASA and ISA

like

lan--isa--mailserver---asa--internet

this if u want those servers to be accessable from internet as well

or u can make it like

lan--isa-----asa--internet

--

-- servers DMZ

or

the DMZ on the ASA if u want the internet users to access these servers

all works but becarefull with NATing and the packet filltering inbound and outbound

good luck

if helpful Rate

smohanasundaram · ‎09-19-2008

Hi

my nat statement

static (inside,outside) a.b.c.d 10.1.1.2 (ISA IP ) netmask 255.255.255.255

static (DMZ,outside) x.x.x.x 192.168.1.2 ( mail server 1) netmask 255.255.255.255

static (DMZ,outside) x.x.x.x 192.168.1.3 ( mail server 2)netmask 255.255.255.255

the above statement is correct or suggests me the correction

regs

S.Mohana sundaram