I am green when it comes to firewalls.
I currently have a PIX 506 and we are upgrading to an ASA 5510. It has had so many changes that I want to start fresh, so I am not really trying to view the 506 config and duplicate it.
The 5510 has ASA v 8.04, ASDM v 6.1.3.
I ran through the VPN config wizard, so I think that is good. I have a general setup with internal SMTP, FTP, and an ISA server for HTTP access.
Do I need to add all my internal servers that access the internet as objects and all their associated public IPs to the network objects list?
When I NAT, say, my internal email server, do I only need one NAT rule? This will then translate both inbound and outbound email? Or do I need both inbound and outbound NAT rules?
Then my access rule would be outside from any to inside (internal SMTP server) SMTP protocol permit.
This will then translate incoming SMTP from anywhere to the internal email server for only SMTP? This would then be the same for FTP, etc.?
Would I need an outgoing rule so only email from my mail server would be allowed to the ASA?