Dear Experts,
I have worked with 1 dmz + 1 inside + 1 outside many times... but now I have a
strange scenario, where I have
one ASA 5520 firewall only and the situation demands 2 outside + 1 dmz + 1
inside ...
Questions:
===========
1> I have only a single context; is it possible, and can I only play with
security levels to make it work?
2> On the 2 outside interfaces I have ISP1 and ISP2 connected respectively. How
can I use them differently
for different types of traffic? I think there is no route-map in ASA
firewalls? Please provide a clue/hint.
3> Can I use mapping to the same machine from both ISPs, meaning if I have IP
172.16.1.1, can I map it to
ISP1 POOL IP ADD <---> 172.16.1.1, and if this pool fails to
exist or resolve, then the
mapping changes to ISP2 POOL IP ADD <---> 172.16.1.1?
This is my 3rd question.
4> If I make my DMZ and inside interfaces the same security level, do I need
to do NAT? Since overall nat-control
is enabled and I don't want to stop it, due to NATing for regular users from the
inside going to outside (ISP1)?
waiting for reply,
regards,
Kamran Shakil
ITA NDC Operations Engineer
Cisco - IT Advance Services Team
MidEast Data Systems LLC Oman
Cell: + 968 95804126
Office: + 968 24576640