<div>
For security reason. is it best to have a physical interface for outside, a physical interface to inside (the LAN and also native VLAN1) and have trunking on the other ports to allow multiple DMZ ?<br />
<br />
Like <br />
interface Ethernet0/0: Internet (security 0)<br />
interface Ethernet0/1: LAN native VLAN1 security 100<br />
interface Ethernet0/2.10 DMZ1 security 5<br />
interface Ethernet0/2.20 DMZ2 security 10<br />
interface Ethernet0/2.30 DMZ3 security 15<br />
<br />
Also is there any security risk associated with this kind of setup ??<br />
<br />
<br />
<br />
<br />
<br />

</div>


For security reason. is it best to have a physical interface for outside, a physical interface to inside (the LAN and also native VLAN1) and have trunking on the other ports to allow multiple DMZ ?

Like
interface Ethernet0/0: Internet (security 0)
interface Ethernet0/1: LAN native VLAN1 security 100
interface Ethernet0/2.10 DMZ1 security 5
interface Ethernet0/2.20 DMZ2 security 10
interface Ethernet0/2.30 DMZ3 security 15

Also is there any security risk associated with this kind of setup ??







<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
I have a ASA5510 that have all the interfaces occupied but i need to add some more DMZ<br />
<br />
If i dedicate an interface to the Ouside for Internet, can i have my LAN and one or two DMZ in the same interface and have access-list applied to it just like it would have been with physical interfacce ??<br />
<br />
Thanks<br />
<br />
<br />
<br />

</div>
</div>


Hi,

I have a ASA5510 that have all the interfaces occupied but i need to add some more DMZ

If i dedicate an interface to the Ouside for Internet, can i have my LAN and one or two DMZ in the same interface and have access-list applied to it just like it would have been with physical interfacce ??

Thanks





ASA5510 and VLAN interface

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).