The easiest design to implement would be a double firewall approach, connecting the external interface of the ISA to the ASA, with a new subnet in between. That way the only device that could talk to the ASA would be the proxy. The benefit of this is that you now have dual firewalls, if someone finds a vulnerability that allows them to compromise a PIX/ASA, they would be stopped by the ISA. This is extremely rare (most firewalls have been thoroughly inspected for such vulnerabilities, by both the good guys and the bad), so the benefit of the design is minimal, but it is there. The drawback is that any firewalls changes would need to be made on both firewalls. This also adds complexity in troubleshooting.
Or you could put the ASA into the network where the ISA is now. If the ISA is acting as only a proxy, you don't need two NICs, so you could disable the external NIC.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...