Cisco 5525 with Outside Internet Connection (Design)
I have a design question:
Currently, we are running our internet connection from the provider to our network core (via Vlan99). Then it gets connected to our Firewall via vlan 99.
This is the flow:
ISP Provider
Switch Stack Port G1/0/25: switchport access vlan 99
Firewall connected to our Switch Stack via Trunk (trunk allowed vlan 99)
Firewall Interface G0/7, IP x.x.x.x, Subnet x.x.x.x, Vlan99, Logical Type.
Our Firewall (Cisco ASA5525) has an interface set up for that connection (Vlan99), with a name of outside, and our External IP Address. (Logical Type Interface).
I would like to move our connection from the core to the firewall (I don't want the internet to run through the switch first, then the firewall).
Would it be safe to say that I could physically move the connection to the firewall, and that's all? The firewall has an outside routing of 0.0.0.0 0.0.0.0 with gateway of our G0/7 Firewall Interface.
Or is there more to this than meets the eye?
Sorry for the noob question, but I want to understand this a little better, and my feeling says that moving the connection from core to the firewall would be sufficient enough, but then again I'm not much of an expert at firewalls.