Keep 2 Networks Seperate on an ASA 5505???

Rtwilliams · ‎05-08-2012

Hello, I'm new to Networking and Firewalls. But I have what I hope is an easy question to answer.

1. I currently have a Comcast Business Class Gateway, Cisco 2100 Series WLAN Controller and a Cisco ASA 5505 all connected together to supply LAN and WLAN internet connections on my network.

2. I also have a Card Access Security System on it owns network. It currently does not have internet access.

I would like to put my security system on the internet so that I can support it remotely. To do this, it has to be on a firewalled internet connection.

My question is;

Can I put the two networks on my ASA 5505 and keep them seperate? I don't want to provide a path into the Security System through my current LAN & WLAN. But I do need a frewalled internet connection on my Security System. I am trying to avoid purchasing a seperate firewall.

Thanks for any comments of feedback.

Maykol Rojas · ‎05-08-2012

Hello,

What license do you have on the ASA firewall? Basically by default you have 2 interfaces and a restricted DMZ, that would do it.

You can add a third interface with a security level of 100, then Create a NAT translation and only allowed certain services/IPs to access then from the outside, something like this,

Interface vlan 3

ip address 10.1.1.1 255.255.255.0

nameif Security_System

security-level 100

Interface eth0/3

switchport access vlan 3

Then assigned an IP address to that system, create a NAT translation and an access list and that will do it.

Mike