I have a Cisco ASA 5510. I need help with the basic configurations. I have a DSL Internet connections connected to the outside (Ethernet0/0) and my office network connected to the inside (Eth 0/1). I will require a DMZ interface later. Do i need an additional router? Do i need to have a static public IP? And do i need to use ip_packet_forwarding here? Can anyone give me some basic guidance and help setup this unit.
"Do i need an addtional router". Depends where you mean. Between your DSL and ASA no you don't. On the inside of your ASA - it really depends on how many subnets you have inside. If you only have one then no you don't need to worry about a router.
Public IP - yes it would certainly help.
ip_packet_forwarding - on which device ? The Asa will forward packets between interfaces providing you have the right NAT/access-lists in place.
attached is a link to the config guide for ASA v7.2. Start with this and please come back if you need further assistance.
Thanks for the link. Now i am able to access the internet from inside (192.168.3.0 network) via Broadband on the outside (192.168.1.0 network). I have also connected our intranet server to the DMZ (10.162.1.0 network) and i am able to access it from the inside.
But now i want to access the DMZ server from the outside. Is it possible? I was unable to add a NATing rule for a host on the outside so that it can access the DMZ. If I happen to select "outside" for my "Source Network", automatically the "dmz" option in the "Translate Address on Interface" dropdown box disappears.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...