Need help in configring ASA 5550 as a router with firewall allowing only port 80 and 443
Please Refer attached diagram,
We have MPLS users ( remote offices) and LAN users(local office) accessing internet via ASA 5520. Also at present these users access some application located at DC via the same internet.
Now our management has decided to send all the traffic meant for our public sever (101.100.X.X) via a new Leased line directly connecting to DC.
New 4 MB line is up now, we had an ASA 5550 unsude, so we thought of using this firewall to terninate this new link.
This firewall was used before as an internet gateway, and it had few configurations in it, i removed few ( like NATing and all),
Now i have configured outside inteface and given a route 101.100.X.X to DC which works fine, I am able to ping from my ASA to
101.100.X.X server from this new link connected to ASA5550. I have configured ASA 5550 LAN interface with 172.16.0.4/24 address which is in same lan pool of our existing internet gateway ASA5520 lan interface ip 172.16.0.22/24.
Now in order to send traffic meant for 101.100.X.X via the new PTP link we tried 2 ways.
1) Give a route in 7206 pointing all 101.100.X.X to 172.16.0.4(ASA5550) or
2) Give a route in 7206 pointing all 101.100.X.X to 172.16.0.4(ASA5550)
But it didnt work. I am able to ping 172.16.0.4 from 7206 as well as from ASA5520. also from new ASA 5550 we are able to ping 101.100.X.X IP's.
Now I suspect problem in ASA 5550 firewall as a firewall router which is not allowing trffic to pass throu it.
I am new to firewall, i am of router and switch background. can anyone please help me in this case??
I just need to use this ASA 5550 as a plain router which will forward all traffic meant for 101.100.X.X to other side via the leased line.
After that i need to allow only ports 80,443,8080. There is no NAT, ACL and all is required and it not configured also.
It would be great if you help me in sending step by step procedure to delete all existing configuration in ASA 5550 and start a clean configuration which will make this firewall act as a plain router. (enabling ASDM configuration will help)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :