I am trying to understand the ASA 5520 and the PIX 525 firewalls. If I have two or more networks physically attached to the firewall ports, will I be able to do routing with OSPF between them? Would I configure this the same way through the IOS as if I were working on a router? Thanks for your help. I am just trying to understand if I will need a router and a firewall or if I can get away with only using the firewall.
You can run OSPF on the inside interface and advertise your other physical interfaces in that OSPF process. For example, if you have the inside interface under OSPF and you have DMZ1 and DMZ2 networks, simply advertise them in the OSPF process; that's pretty much it.
It is the same principle on the PIX/ASA as in IOS: create the OSPF process and advertise the networks you want to advertise under the process.
As long as all the networks are connected to the same firewall's interfaces, the firewall would assume them to be directly connected networks. No routing is required for communication among the machines placed behind different interfaces of the firewall. Just take care of the ACL and NAT/PAT.
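
The setup described in the replies above, as an added configuration sketch that is not from any poster in the thread. Interface names, addresses, the process ID and the key are constructed placeholders. Note that on the PIX/ASA the `network` statement takes a subnet mask, not the wildcard mask used in IOS.

```cisco
! Constructed example: inside, DMZ1 and DMZ2 attached to one ASA.
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.1.1.1 255.255.255.0
 ! Authenticate OSPF neighbors on the interface that forms adjacencies.
 ospf authentication message-digest
 ospf message-digest-key 1 md5 <PLACEHOLDER-KEY>
!
interface GigabitEthernet0/2
 nameif dmz1
 security-level 50
 ip address 172.16.1.1 255.255.255.0
!
interface GigabitEthernet0/3
 nameif dmz2
 security-level 40
 ip address 172.16.2.1 255.255.255.0
!
router ospf 1
 ! Subnet masks here, unlike the wildcard masks on an IOS router.
 network 10.1.1.0 255.255.255.0 area 0
 ! A network statement also enables OSPF on the matching interface,
 ! so list only the segments you intend to advertise.
 network 172.16.1.0 255.255.255.0 area 0
 network 172.16.2.0 255.255.255.0 area 0
 area 0 authentication message-digest
```

`show ospf neighbor` and `show route` on the firewall confirm the adjacency and the learned routes; traffic between interfaces is still governed by the ACLs and NAT/PAT rules mentioned above.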