Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
2
Replies

IT industry standard ASA deployment. Please advise

lansingschools_ops
Level 1
Level 1

‎12-05-2008 12:11 PM - edited ‎03-11-2019 07:21 AM

We have a question regarding the deployment of ASA. We are moving from PIX to ASA. Currently in the PIX we are using Alias command. It is no longer supported in the ASA. We have inside,DMZ, and outside interface. With our current setup we can access DMZ server via DMZ aadress but unable to access via their static map public IP. If I put in alias command for the dmz and public address we can address via name and public IP. How is the majority of people out there deploying this. Is everyone access DMZ via private dmz address or via public IP? or does everyone access to servers in dmz via their public IP. Please advise.

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎12-05-2008 12:38 PM

Most of my customers prefer to use the public IP. It's pretty easy to setup int he ASA. Here's a link of reference.

http://blogs.interfacett.com/mike-storm/2006/6/29/bidirectional-nat-on-a-cisco-pix-or-asa.html

Hope that helps.

0 Helpful

acomiskey
Level 10
Level 10
In response to Collin Clark

‎12-05-2008 12:51 PM

Most of the issues I see are when people do not have inside DNS, in which case it would make more sense to do destination nat with the public ip. Otherwise, using the dmz address is the way to go imho.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card