fshguo
asked on
configuring ASA 5505 4 VLANs
is there a way to configure the ASA 5505 secure plus device from scratch via ASDM over IE remotely with limit on site assist?
It composes of:
1) business, internet, home and DMZ four VLANs;
2) one device in DMZ zone mapping to second fix public IP with port 443 open.
3) one IP in business VLAN open port 135 for a device in home VLAN.
Any major steps to accomplish this setup?
It composes of:
1) business, internet, home and DMZ four VLANs;
2) one device in DMZ zone mapping to second fix public IP with port 443 open.
3) one IP in business VLAN open port 135 for a device in home VLAN.
Any major steps to accomplish this setup?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
1) the following lines:
static (DMZ, outside) 1.1.1.2 192.168.1.2 netmask 255.255.255.255 <--create translation for DMZ host to public IP address 1.1.1.2
static (business,home) 10.1.1.2 10.1.1.2 netmask 255.255.255.255 <--create translation for business host to look like itself on home VLAN
are these the NAT? where this applies in ASDM?
2) do you thing the "access-group acl_home_in in interface home" should be to acl_home_out instead? and again where this applies in ASDM?
In addition, three more questions:
1) does the routing table need to manually added between VLANs? or the device will learn by itself once the VLAN created?
2) Should the NAT or PAT enable in this senario?
3) by default, the VLAN has higher security level can access the lower one, how can it be revoked for business VLAN from accessing home unless it is permitted in access-list?
Thanks.