DMZ Setup with Cisco ASA 5510 and 2 VPN peers

25 pts.
Tags:
Cisco ASA
Cisco ASA 5510
DMZ
DMZ Switch
Web servers
I have an Cisco ASA with one external IP address, and 2 VPN Peers. Now i need to add a web server to the mix. Please tell me how can i accomplish this bearing in mind my existing setup? Thanks,

Software/Hardware used:
Cisco ASA 5510
ASKED: November 11, 2010  3:39 PM
UPDATED: November 12, 2010  12:49 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Assuming a private network on the inside needs protecting, rather than using a DMZ I would create first a NAT rule for an outside address to the inside address on the web server, then creatre ACLs defining access rules such as allowing port 80 or 443 as needed

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Zaggazow
    That actually makes a lot of sense, have you (or anyone else) tried something similar?
    25 pointsBadges:
    report
  • Spadasoe
    I have it setup this way on 5540 and 5505s
    5,130 pointsBadges:
    report
  • Zaggazow
    Now i have another probelm, after setting up the requisite ACL to only permit web traffic users across to VPN cannot RDP to servers i have here, so the question is would the ACL to only permit incoming web traffic block VPN initiated traffic?
    25 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following