Appreciate any help you can give here, I have a Cisco ASA that I am trying to configure in a unique way, I want it to perform a variety of tasks;
Firewall Inside to Outside via versa
But the difficult task, is creating a DMZ with devices that are assigned fully routed IP addresses from our ISP directly, these are H323 and SIP devices that cannot use NAT, and must have a fully routed IP address assigned to them.
Obviously the problem I have with the Firewall in its default routed mode, is that it wont allow me to overlap IP addresses on the outside interface with the DMZ interface.
Could the Firewall be configured for Transparent mode between Outside and DMZ, but Routed mode between Outside and Inside?
Eth0/0: 10.0.0./24 (inside)
Eth0/1: 220.127.116.11/24 (dmz)
Eth0/2: 18.104.22.168/24 (outside)
Or can anyone else think of a way around this? I understand this is possible with 2 Firewalls;
ISP Router ---> [Firewall 1 in Transparent Mode] ---> Effective DMZ ---> [Firewall 2 in Routed Mode] ---> LAN
But could the new Cisco ASA with the latest firmware and model be ale to do this with 1 physical firewall?
Any alternatives suggestions are greatly welcomed