Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Access to DMZ subnet

Hi,

I have two site having 4507 both sides and connected to with a Metro Ethernet point to point, I am running eigrp to get access to local subnets of each location from other.

There are ASAs connected to each 4507 for outside access with default routes to them.

Now i can access DMZ subnet locally but not from other site i tried few thing that could not work.

Please let me know what is the best way to do this in terms of security and routing.

Thanks in advance.

ASA Ver 8.0(4)

2 REPLIES
Hall of Fame Super Blue

Re: Access to DMZ subnet

You have 2 options really.

1) Run EIGRP on the ASA and advertise the DMZ subnet to the 4500 switches.

2) On each 4500 switch add a static route for the DMZ and redistribute into EIGRP.

I haven't used EIGRP on the ASA so i have no experience with option 1) but i have used option 2) many times.

Jon

Community Member

Re: Access to DMZ subnet

Hi,

Thanks for reply, if i take option 2 then

will any access restricyion i have to take care specailly, it will be great if you can provide saome sample config.

Thanks in advance

119
Views
4
Helpful
2
Replies
CreatePlease to create content