configure asa5520 with 2 DMZ+ 1 outside + 1 inside

Unanswered Question
Jan 22nd, 2009

Please i need to configure asa5520 as firewall with 2 2 DMZ+ 1 outside + 1 inside

I need configuration exemple for the same case : help please

thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Thu, 01/22/2009 - 10:51

Hi, your request is very global/general without giving much details on your inside and outside so you can simply start with building your inside and outside connectivity first before moving into DMZs.

Start here for basic inside-outside

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094768.shtml

As for DMZs here is an example of single DMZ configurarion , you may iterate the process for a second DMZ..

http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/dmz.html

Regards

PLS rate any helpful posts

nicanor00 Sun, 01/25/2009 - 08:10

Hello

Please I am very desapointed

I need to configure asa5520 to protect my entire network, but it is not work

it is my first time to configure it. I am very desapointed

I have one central site and 3 branch, branch are connected to central site trought vpn

I have configured helper adress on each branch cisco 1841 for dhcp request of ip phone to dhcp server (cisco3745)

Ther is 5 server on DMZ and one mail server on dmz1 (all servers have private ip address)

I need DMZ to comunique only with inside througt NAT

I dont need voice trafic to NAT, just DATA trafic should be NAT

ASA should permit dhcp request and tftp dowload configuration from ipphone to CME on cisco3745

All user on data vlan should get acces on internet but incoming trafic from internet to my network should be controled by access list depend of future need

when I remove asa voice comunication and data work fine , but when I use asa, The simple ping throught the ASA from cisco 2811 to cisco 3745 or from cisco 3745 to cisco 2811 dont work

PLEASE HELP me to perform voice trafic and allow outgoing data and internet trafic.

see my running config and architecture in attachement

Actions

This Discussion