freycom

Webserver with ASA 5505 Base license

I currently have an ASA 5505 with a 50-user Base license. It has a site-to-site VPN and remote access VPN configured.

I have a DB server and 10 users. We just purchased a Web Module that runs on IIS, and it requires a UNC share to the database folder. We have purchased a web server, and I configured it on the DMZ VLAN.

I managed to set up the DMZ, and I can NAT ports to the webserver with no problems.

What is the best way to connect the webserver to the DB server?
I was thinking of adding a NIC to connect to VLAN1, but it seems to defeat the purpose of the DMZ?

Would it be better to purchase the Sec Plus license?  

Or is there a better way altogether?

Ernie Beek

Personally, I would put the DB server in the DMZ as well. Users can still get to it through the firewall (high security interface to a lower security interface), the webserver can connect to it because it's in the same network, and it's still protected from the outside world because there is no NAT set up through the ASA, so there is no way you can get there from the outside.
ASKER CERTIFIED SOLUTION
Les Moore

freycom

ASKER

The webserver is for outside access, and would require access from both the inside network, and the outside network.
Ernie Beek

@lrmoore: darn, always forget that.

In that case I have to second lrmoore.