Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

configure asa5520 with 2 DMZ+ 1 outside + 1 inside

Please i need to configure asa5520 as firewall with 2 2 DMZ+ 1 outside + 1 inside

I need configuration exemple for the same case : help please

thanks in advance

2 REPLIES

Re: configure asa5520 with 2 DMZ+ 1 outside + 1 inside

Hi, your request is very global/general without giving much details on your inside and outside so you can simply start with building your inside and outside connectivity first before moving into DMZs.

Start here for basic inside-outside

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094768.shtml

As for DMZs here is an example of single DMZ configurarion , you may iterate the process for a second DMZ..

http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5500/quick/guide/dmz.html

Regards

PLS rate any helpful posts

New Member

Re: configure asa5520 with 2 DMZ+ 1 outside + 1 inside

Hello

Please I am very desapointed

I need to configure asa5520 to protect my entire network, but it is not work

it is my first time to configure it. I am very desapointed

I have one central site and 3 branch, branch are connected to central site trought vpn

I have configured helper adress on each branch cisco 1841 for dhcp request of ip phone to dhcp server (cisco3745)

Ther is 5 server on DMZ and one mail server on dmz1 (all servers have private ip address)

I need DMZ to comunique only with inside througt NAT

I dont need voice trafic to NAT, just DATA trafic should be NAT

ASA should permit dhcp request and tftp dowload configuration from ipphone to CME on cisco3745

All user on data vlan should get acces on internet but incoming trafic from internet to my network should be controled by access list depend of future need

when I remove asa voice comunication and data work fine , but when I use asa, The simple ping throught the ASA from cisco 2811 to cisco 3745 or from cisco 3745 to cisco 2811 dont work

PLEASE HELP me to perform voice trafic and allow outgoing data and internet trafic.

see my running config and architecture in attachement

139
Views
0
Helpful
2
Replies