Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

configuring ASA5505

How to best secure an inside network? ASA5505's outside interface has a static public IP. The following is the physical topology.

DSLmodem/router <> ASA5505 <> Linksys wireless router <> wireless users.

The DSL modem will be in bridge mode. The Linksys will provide DHCP to the internal users.

1. Is it best to assign a public IP to ASA's inside interface?

2. Linksys wireless would be connected to a switch port of the ASA and the remaining switch ports will be disabled.

3. PAT would be done on the Linksys.

Thanks.

1 REPLY
New Member

Re: configuring ASA5505

Hi,

Normally Cisco recommends router at Publicly connected network for typically SMB-Large organization. But, connected public ip to ASA interface is not bad either.

You can have DHCP done y Linksys wireless device. But, I strongly recommend doing NAT at ASA5505. Cisco ASA is good for NAT.

If you want to have further strict policies for http, ftp, esmtp traffic, you can create application policy map and use them, use regex to block websites or web messengers.

216
Views
0
Helpful
1
Replies
CreatePlease to create content