ASA 5500

Jun 17th, 2010

Guys, if we have 7 servers and we want to create 5 DMZs on an ASA, is it possible? I have gone through the ASA data sheet, but it doesn't tell how many DMZs it can have. What about VLANs, does the number of VLANs represent the number of DMZs the firewall can have?

We have 7 servers attached to a Cisco 3750 switch and we have to secure them. Do we have to connect each server to the firewall, or can we have a trunk and put each server on a different VLAN? I am confused regarding the concept of how to do that.

The_guroo_2 Thu, 06/17/2010 - 07:56

Thanks for your kind reply. I am trying to get my head around the number of DMZs. Doesn't the number of DMZs depend on the number of VLANs the firewall can have? For example, as you have said, the 5505 can have up to 3 VLANs and 20 in trunking, so does this mean that it can have 3 different DMZs and 20 different DMZs? What is the concept for VLANs and DMZs? Thanks again.

Federico Coto F... Thu, 06/17/2010 - 08:00

DMZs can refer to physical interfaces (in the example of the ASA 5505, you cannot have more than 3 routed interfaces).

But doing VLANs, you can separate logically and segment the network in more logical interfaces.


So, you can have up to a lot more than 3 DMZs (using VLANs), the difference is that they will belong to the same physical interface.


Federico.

The_guroo_2 Thu, 06/17/2010 - 08:17

Thanks for your quick reply. So it means that if I attach a switch to it, plug 7 servers into that switch, create 7 VLANs on the ASA and trunk the ASA port to the switch, I can have 7 DMZs easily? Is that right?

Federico Coto F... Thu, 06/17/2010 - 08:37

Yes, but for the 5505 you can have up to 20 VLANs if having the Security Plus license installed.

Check the link that I sent you.


Federico.
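
The trunk-plus-VLAN layout discussed in this thread, as an added configuration sketch that is not part of any poster's reply. It shows two of the DMZs on an ASA 5505 with the Security Plus license and the matching Catalyst 3750 side; the remaining servers follow the same pattern. VLAN IDs, interface numbers, names and addresses are constructed for illustration.

```cisco
! --- ASA 5505 (assumes Security Plus, as mentioned in the thread) ---
! One VLAN interface per DMZ. Each gets its own name and security level,
! so traffic from a lower-level DMZ to a higher-level one is blocked
! unless an access list explicitly permits it.
interface Vlan10
 nameif dmz1
 security-level 50
 ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
 nameif dmz2
 security-level 40
 ip address 192.168.20.1 255.255.255.0
!
! Single physical port carrying all DMZ VLANs to the switch
interface Ethernet0/1
 switchport trunk allowed vlan 10,20
 switchport mode trunk
 no shutdown
!
! --- Catalyst 3750 (port numbers are assumptions) ---
vlan 10
 name DMZ1
vlan 20
 name DMZ2
!
! Trunk towards the ASA, limited to the DMZ VLANs only
interface GigabitEthernet1/0/24
 description Trunk to ASA Ethernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 10,20
 switchport mode trunk
!
! Each server sits on an access port in its own DMZ VLAN
interface GigabitEthernet1/0/1
 description Server 1 (DMZ1)
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet1/0/2
 description Server 2 (DMZ2)
 switchport mode access
 switchport access vlan 20
```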
