Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

sandwich ASA with contexts mode

Hello,

we are trying to design a sandwich ASA with contexts mode.

we have a couple ASA 5505 with licences for context and failover.

we are thinking on Active-Pasive and two context:

internet --- ASA1andASA2 in failover Context 1 ---- DMZ  --- ASA1andASA2 in failover with NAT context 2  ---- LAN.

with 3 interfaces physic is possible? (beacuse probably is necesary to use one for failover and one for management)

no problem for use NAT on context 2?

no problems for use static routes?

can you give us your advice?. also if possible some link were we can found information about the configuration?.

kind regards.

2 REPLIES

sandwich ASA with contexts mode

Hi Bro

Yes, 3 physical interfaces on each FW will do just fine. This is what you're gonna do.

Step 1: Create 2 contexts CONTEXT1 and CONTEXT2

Step 2: CONTEXT1 OUTSIDE = ISP E0/0 |  CONTEXT1 INSIDE = DMZ E0/1 <-- NATs

Step 3: CONTEXT2 OUTSIDE = DMZ E0/0 | CONTEXT2 INSIDE = LAN E0/1 <-- No Nat Control (v8.2 and below)

Note: E0/2 on both FW will be used for Failover

Warm regards, Ramraj Sivagnanam Sivajanam Technical Specialist/Service Delivery Manager – Managed Service Department
New Member

 thread seems quite old

 thread seems quite old ,nevertheless I am just curious which 5505 that supports context mode,

I have not seen none yet.

198
Views
0
Helpful
2
Replies
CreatePlease login to create content