I am currently using an ASA 5505 appliance with the Security Plus license (P/N: ASA5505-SEC-BUN-K9). What I am trying to do is create multiple networks that are completely separated from each other, and on the inside interface (or network) I want to limit the outbound traffic. I have at least 14 inside clients that would be completely restricted from accessing the internet except for a specific IP address and a specific port. All the rest of the IP addresses on that subnet would only have access to the internet if they have specified a username and password.
Please see the below configuration and please give me your feedback as to what other things I can improve.
I hope that someone can recommend whether there are better alternatives to this type of configuration. Also, is there anything I have to add in order to maintain a more secure and efficient environment? Please school me.
Sorry for the delay. I have modified my access-list to use object-group. Please see the modified configuration, and if anybody can recommend a more efficient and secure environment than my current configuration, I'll appreciate it. By the way, just so you know, I don't have any DMZ or any port being allowed from the outside interface to inside. Here's the configuration I currently have: