<div>
<div class="content wysiwyg-content">
We have an ASA 5510 and we are trying to set up a new network segment that will function as a DMZ. We want requests to ports 25 and 443 to pass through the DMZ and then onto the internal network, which is connected through another interface. I am having trouble obfuscating the internal network segment from the DMZ. I don't want to give out any information about internal network addresses to the DMZ. <br />
<br />
Let's say our DMZ address segment is 192.168.80.0/24 and our internal address segment is 192.168.240.0/24. I have successfully created rules that allow ports 25 and 443 from the outside into the DMZ and they route to the correct servers. Now, I'd like to be able to allow our DMZ servers to connect to obfuscated addresses (either fake addresses on the same network segment or ones that don't truly exist) instead of connecting directly to 192.168.240.X. <br />
<br />
I do not entirely know if this is possible, but if you can generally describe without asking me to output my configuration, that would be preferable.<br />
<br />
Thanks!
</div>
</div>


We have an ASA 5510 and we are trying to set up a new network segment that will function as a DMZ. We want requests to ports 25 and 443 to pass through the DMZ and then onto the internal network, which is connected through another interface. I am having trouble obfuscating the internal network segment from the DMZ. I don't want to give out any information about internal network addresses to the DMZ. 

Let's say our DMZ address segment is 192.168.80.0/24 and our internal address segment is 192.168.240.0/24. I have successfully created rules that allow ports 25 and 443 from the outside into the DMZ and they route to the correct servers. Now, I'd like to be able to allow our DMZ servers to connect to obfuscated addresses (either fake addresses on the same network segment or ones that don't truly exist) instead of connecting directly to 192.168.240.X. 

I do not entirely know if this is possible, but if you can generally describe without asking me to output my configuration, that would be preferable.

Thanks!

ASA Configuration / Hiding Internal IP from DMZ

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.