Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
449
Views
0
Helpful
3
Replies

Network redesign w/ 5510 and 2951

chris baranowski
Level 1
Level 1

‎11-07-2011 11:41 AM - edited ‎03-11-2019 02:47 PM

I recently installed a 2951 with a security plus license..I hate it (security featuers not router) and would like to put the asa back in place.

I need some direction on how to integrate the asa with the 2951, I believe I need to run it in multi context mode.

in a nut shell I have this

isp--->router (firewall, VPN, voice, & vLANS) --->switches

I would like this

isp --->ASA (firewall, VPN) ---->router (vLans)--->switches

where do I start..what issues will I run into.

Labels:
0 Helpful
3 Replies 3

acomiskey
Level 10
Level 10

‎11-07-2011 12:41 PM

Should be as simple as putting a small transport network between the ASA and the router. Set default gateway on router to ASA IP, add routes in ASA for inside networks towards router IP, or use a routing protocol between the 2.

isp -->ASA-(x.x.x.1)----->(x.x.x.2)router (vlans) ---> switches

Definitely don't need multi context.

ASA

route inside x.x.x.2

route isnide x.x.x.2

Router

ip route 0.0.0.0 0.0.0.0 x.x.x.1

0 Helpful

chris baranowski
Level 1
Level 1
In response to acomiskey

‎11-07-2011 12:51 PM

What about NAT?

Would NAT translation take place on the ASA or Router in your proposed setup?

0 Helpful

acomiskey
Level 10
Level 10
In response to chris baranowski

‎11-07-2011 12:53 PM

ASA

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card