Please help settle an "argument"

tcole1970 · ‎09-20-2010

When setting up an ASA, I setup the inside interface as our network and the outside interface as the other external network. One of my co-workers thinks it should be the other way around as that is how some of the other's on the network are setup. Which is right?

Thanks

Nagaraja Thanthry · ‎09-20-2010

Hello,

Typically, INSIDE network is the protected/trusted network from your environment perspective. OUTSIDE is the untrusted domain. So, in your setup, if your LAN is the most trusted/to be protected resource, then that should be classified as INSIDE and the other network as OUTSIDE.

Regards,

NT

Jon Marshall · ‎09-20-2010

tcole1970 wrote:

When setting up an ASA, I setup the inside interface as our network and the outside interface as the other external network. One of my co-workers thinks it should be the other way around as that is how some of the other's on the network are setup. Which is right?

Thanks

As NT says, traditionally the inside is assigned to the most trusted network so it boils down to which network you are trying to protect from which network and this may wary from one firewall deployment to another. If the firewall is deployed to connect to the internet you most definitely would want the inside to be your network but a firewall deployed within your companies network just depends on the particular networks.

Jon