I've recently developed a need to connect 2 networks together. One network (PIX Network) is currently connected to another network (DOMAIN 1) already via IPSEC site-to-site VPN. The other (ASA) is connected to many other sites via IPSEC site-to-site VPN and is those sites' main domain server (DNS, DHCP, File, etc.).
PIX site is not a member of a domain, but uses DOMAIN 1's file server to do work.
I need to connect the PIX and ASA networks together by IPSEC site-to-site VPN. Normally this would be a no-brainer and would go down without a hitch, but there is a small problem in all of this. ASA and DOMAIN 1 have the same IP schema, and the main assets PIX needs to use reside at the same IP on both networks. This is where my problem comes in.
PIX needs to be able to access DOMAIN 1's file server, which resides at 192.168.0.1, and ASA's file server, which also resides at 192.168.0.1 on its network, at the same time.
I was thinking I could somehow set up a DMZ on ASA and only allow access to the DMZ to the PIX network. This would eliminate the IP conflicts of the file servers, and PIX would be able to work on both at the same time.
The problem is I do not know how to go about this on the ASA network. It has an ASA5510, but no DMZ is currently set up on it and I cannot find in ASDM where to set it up, nor do I know how to do it in the CLI. Also, is there a way for the DMZ interface to work through my external VLAN 1?
Once the ASA side is set up, I'm unsure how to configure the PIX side of this.
July 31, 2009 7:29 PM
August 7, 2009 9:46 AM