I got to implement a new network. I have a Cisco router, an ASA and a Layer 3 switch. I would like to make the router as a perimeter router and ASA as firewall. So, the whole connection will be like below:
Internet -> Cisco router -> ASA -> Layer 3 -> PC's.
I got 2 ISP's and I will be configuring two HWIC's of the router with two public IP's and one WIC with private IP to connect with the ASA.I need to do IPSEC VPN's in ASA and so as all the NATings of my servers.
1. So, do I need to NAT the ASA in the cisco router?
2. If I do so, will I be able to create vpn tunnels from the ASA inside?
3. Can I then NAT all the servers in my LAN in ASA using my other free public IP's?
Thanks for any help and suggestions.