ASA 5510 Trying to set up DMZ and Internal--external traffic.

Oct 14th, 2008

I'm trying to find a great configuration guide. I'm in the process of migrating from a Netscreen 10. I've set up my ASA according to the documentation available for the ASA version 8.0 and used ASDM version 6.1 as well.

I can ping out of the interfaces from the Management IP. I am unable to pass any normal traffic in any direction.

I opened all interfaces with any, any, any rules, both inbound and outbound on all interfaces, without success.

Anyone have a great book recommendation?

risenshine4th Wed, 10/15/2008 - 14:21

Thanks for the book suggestions. Any one better than another?

The current Network is up and running on a Netscreen 10. I'm trying to swap it out with an ASA 5510 to increase throughput.

I've left out all the VPNs on purpose... I'm just trying to get the DMZ, WEB, Mail, and internet browsing working first.

I've not been able to get any traffic to flow in any direction when I swap the firewalls and test.

I've attached a clean config with dummy IPs.

I have External of 172.16.1.0 255.255.255.0

I have Internal of 192.168.0.0 255.255.255.0

I have a DMZ of 192.168.154.1 255.255.255.0

I have 4 external web addresses: 172.16.1.8, 172.16.1.135, 172.16.1.136, and 172.16.1.207

These are mapped to Internal or DMZ addresses.

172.16.1.135, depending on the port, forwards to either a DMZ (HTTP, Domain) address of 192.168.154.6 or an Internal (HTTPS, SMTP) address of 192.168.0.4.
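
The port-dependent forwarding described in the post above, written out as an added example in pre-8.3 ASA syntax (not the poster's attached config, which is not shown on this page). The interface names `outside`, `inside` and `dmz`, the ACL name `outside_access_in`, and the assumption that 172.16.1.135 is not the outside interface's own address are all assumptions.

```cisco
! Added example. Assumed nameif values: outside, inside, dmz.
! Static PAT: one public address, real host chosen by destination port.
! DMZ host 192.168.154.6 serves HTTP and DNS ("domain" = port 53).
static (dmz,outside) tcp 172.16.1.135 www 192.168.154.6 www netmask 255.255.255.255
static (dmz,outside) tcp 172.16.1.135 domain 192.168.154.6 domain netmask 255.255.255.255
static (dmz,outside) udp 172.16.1.135 domain 192.168.154.6 domain netmask 255.255.255.255
! Internal host 192.168.0.4 serves HTTPS and SMTP.
static (inside,outside) tcp 172.16.1.135 https 192.168.0.4 https netmask 255.255.255.255
static (inside,outside) tcp 172.16.1.135 smtp 192.168.0.4 smtp netmask 255.255.255.255
!
! Inbound ACL permits only the published ports instead of "any any".
! Before 8.3 the ACL matches the mapped (public) address, not the real one.
access-list outside_access_in extended permit tcp any host 172.16.1.135 eq www
access-list outside_access_in extended permit tcp any host 172.16.1.135 eq domain
access-list outside_access_in extended permit udp any host 172.16.1.135 eq domain
access-list outside_access_in extended permit tcp any host 172.16.1.135 eq https
access-list outside_access_in extended permit tcp any host 172.16.1.135 eq smtp
access-group outside_access_in in interface outside
!
! Outbound browsing: dynamic PAT of both internal networks to the
! outside interface address (NAT ID 1 ties nat and global together).
nat (inside) 1 192.168.0.0 255.255.255.0
nat (dmz) 1 192.168.154.0 255.255.255.0
global (outside) 1 interface
!
! Checks from privileged EXEC (source address below is a constructed sample):
!   show xlate
!   show access-list outside_access_in
!   packet-tracer input outside tcp 198.51.100.10 12345 172.16.1.135 80
```

`packet-tracer` reports which phase (ACL, NAT, route) drops a simulated packet, and the hit counters in `show access-list` show whether inbound traffic is reaching the ACL at all.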
