I'm trying to configure a VLAN on my PIX 535 and apply ACLs that will allow me to restrict anyone on that VLAN to the Internet only and our web servers in the DMZ.
I'm not a security expert, so I don't know the best way to set this up.
The physical connection for the VLAN (coming in from our core switches, Catalyst 6503E) is the same physical connection as the inside (gb-int0) interface.
Could someone please give me an idea of what translation rules and configuration commands I should be using to create the VLAN properly, then have it routing properly, and then apply ACLs to block access to the internal network (with maybe the exception of DNS) and DMZ with the exception of the web servers?