We have gotten two old PIX 520 firewalls in our office. We intend to do the following:
1. Each firewall has 6 interfaces. The 1st one would go for Internet. Can we configure the remaining 5 interfaces for five different networks? These networks will be our public servers (public IP), hosted servers (public IP), leased network (private IP), head-office network (mixed IPs) and customer's DR network (public IP).
2. Can we configure VLANs on these six firewall interfaces?
3. How do we configure these two firewalls in failover mode?
Please let me know whether we can achieve this. If yes, please reply with some links or some documentation or commands.
We also have a Cisco Support contract; would they be able to run us through?
Hi, in regards to your questions: I believe you must be using a PIX 525, correct?
1.- Yes you can. You can also configure VLANs. For doing that you will have to use one physical interface as a trunk to your switch (where the VLANs are configured) and then you can bind VLAN interfaces accordingly.
2.- Yes .. as mentioned above.
3.- The link below will help you configure what you need. I suggest you install version 7.X