Posted on 2008-10-20
I am trying to set a dmz. Here is how the traffic will travel:
Internet (inside) ---> ASA ----> Router (outside interface) ----> back to the ASA to interface vlan50 (dmz) ((where the servers are located))...
An outside vender needs to VPN into there router on our outside interface... from there they can manage there servers in out dmz....
On my inside interface access-list I should just allow esp port 50 to there router. Then I would allow the router to only get to the dmz... I have created an access-list for the dmz, but I am not able to put it on the dmz interface... Any suggestions... Thanks