Home > IT Answers > Security > DMZ Setup with Cisco ASA 5510 and 2 VPN peers
Zaggazow
25 pts.
 DMZ Setup with Cisco ASA 5510 and 2 VPN peers
Cisco ASA, Cisco ASA 5510, DMZ, DMZ Switch, Web servers
I have an Cisco ASA with one external IP address, and 2 VPN Peers. Now i need to add a web server to the mix. Please tell me how can i accomplish this bearing in mind my existing setup? Thanks,

Software/Hardware used:
Cisco ASA 5510
ASKED: November 11, 2010  3:39 PM
UPDATED: November 12, 2010  12:49 PM
RELATED QUESTIONS
Answer Wiki:
Assuming a private network on the inside needs protecting, rather than using a DMZ I would create first a NAT rule for an outside address to the inside address on the web server, then creatre ACLs defining access rules such as allowing port 80 or 443 as needed
Last Wiki Answer Submitted:  November 11, 2010  4:27 pm  by  Spadasoe   5,130 pts.
All Answer Wiki Contributors:  Spadasoe   5,130 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

 

That actually makes a lot of sense, have you (or anyone else) tried something similar?

Zaggazow
 25 pts.
 

I have it setup this way on 5540 and 5505s

Spadasoe
 5,130 pts.
 

Now i have another probelm, after setting up the requisite ACL to only permit web traffic users across to VPN cannot RDP to servers i have here, so the question is would the ACL to only permit incoming web traffic block VPN initiated traffic?

Zaggazow
 25 pts.