ASA 5520 and DSL WAN

Hi Experts,

Does the Cisco ASA 5520 appliance support using DSL as the wan interface?  I have a customer who wishes to keep their DSL line rather than pulling in a "T"; I have installed numerous ASA Appliances but never with a DSL connection.

Your comments are most appreciated
NCSOAsked:
Who is Participating?
 
Erik BjersPrincipal Systems AdministratorCommented:
Yes it will work, I have done it.

Get a static IP from your provider if needed

DO NOT USE a DSL router, only the modem and connect the ethiernet from the modem to one of the ethernet ports on your ASA, and set the interface to the static IP provided to you (if you get static).

If your DSL modem is also a router you will want to edit the config and make sure you forward all traffic to your ASA IP address, and if your internal network uses the same IP address that the DSL modem/router puts out change the DSL modem/router

eb
0
 
chuckyhCommented:
As far as I know the ASA wouldn't be the entry point for the internet connection. The DSL modem or the csu/dsu would be where the internet connection terminates. and then you would connect the ASA to the dsl or other router.
0
 
rsivanandanCommented:
Hello NCSO,

When it comes to Cisco Firewalls, the interfaces are limited. So I don't think so.

Cheers,
rsivanandan
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
NCSOAuthor Commented:
My concerns are that with most DSL implementations you can request a static global address on the WAN interface of the DSL Modem; in turn the inside interface of the DSL modem will be in a 192.168.x.x scheme.  With the ASA, if I assign the WAN interface within that IP schema; the inside interface of the ASA would have to be on a different schema.  Agree!

Secondly,  if we want to hang a www and smtp server on a DMZ of the ASA, will the DSL modem forward the packet as is and allow the ASA to route the port 80 and port 25 traffic to the DMZ accordingly?

Your thoughts!
0
 
chuckyhCommented:
That's not the experience with DSL that I've had, The dsl modem shouldn't do any NATing, it should just give you the external IP. Who do they have their DSL service? You should be able to call them up and see what kind of equipment they use.
0
 
NCSOAuthor Commented:
Bellsouth/AT&T should be the DSL Provider.  I was wondering would I be better off using, say, a Cisco 800 series DSL router rather than the westel that ships with most DSL installations?  The Cisco 800 would give me a lot more flexibility.  Would you agree?

So you don't see any issues with using DSL and the Cisco ASA 5520?
0
 
chuckyhCommented:
You can use the Cisco 800 or the Westel. All the Westel does is give you an external IP address. It's very plain and straight forward. Plug the ASA into the Westel and setup the interface with the external IP, then setup the rest of the network.
0
 
NCSOAuthor Commented:
I will give it a shot.  Thnx
0
 
NCSOAuthor Commented:
That's EXACTLY what I needed to hear!  Thanks
0
 
Erik BjersPrincipal Systems AdministratorCommented:
Glad you got it working
0
 
rsivanandanCommented:
ebjers,

  Long time no see ???

Cheers,
Rajesh
0
 
Erik BjersPrincipal Systems AdministratorCommented:
I travel alot for work, and also went back to school so I've been rather swamped for a while, thanks for the welcome back.
0
 
rsivanandanCommented:
Kewl.

Cheers,
Rajesh
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.