Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
353
Views
4
Helpful
2
Replies

Access to DMZ subnet

ghanshyam.saini
Level 1
Level 1

‎06-05-2009 08:07 PM - edited ‎03-06-2019 06:07 AM

Hi,

I have two site having 4507 both sides and connected to with a Metro Ethernet point to point, I am running eigrp to get access to local subnets of each location from other.

There are ASAs connected to each 4507 for outside access with default routes to them.

Now i can access DMZ subnet locally but not from other site i tried few thing that could not work.

Please let me know what is the best way to do this in terms of security and routing.

Thanks in advance.

ASA Ver 8.0(4)

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎06-06-2009 02:05 AM

You have 2 options really.

1) Run EIGRP on the ASA and advertise the DMZ subnet to the 4500 switches.

2) On each 4500 switch add a static route for the DMZ and redistribute into EIGRP.

I haven't used EIGRP on the ASA so i have no experience with option 1) but i have used option 2) many times.

Jon

ghanshyam.saini
Level 1
Level 1
In response to Jon Marshall

‎06-06-2009 07:08 AM

Hi,

Thanks for reply, if i take option 2 then

will any access restricyion i have to take care specailly, it will be great if you can provide saome sample config.

Thanks in advance

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card