Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 407
  • Last Modified:

Cisco ASA and Multiple Inside Networks

Would somebody confirm I can do the following? I need to make sure this will work an ASA5505-SEC-BUN-K9 running 9.1.3

I have four networks I need to deal with

Outside (security level 0)  public ip address
DMZ  (security level 10)  10.0.0.0/24
Office (security level 90)  172.17.1.0/24
Engineering (security level 100) 192.168.1.0/24

The Engineering network needs to be able to get to everything, everywhere

The office network needs to access the Internet (outside), web server in the dmz (ftp, smb, www) , and certain services on selected machines in the Engineering network. Can I do a PAT from the Office network to the Engineering network? i.e. from the office network connect to http://172.17.1.1 and I get to to the web server at 192.168.1.10

 The DMZ machine needs only to be set up for NAT so that the Internet can access the web server.

I will also be setting up two SSL VPN groups - one which allows only access to the office network (using rdp) , one to the engineering network (using rdp and www).

I have never set up where I had 2 "inside" networks - Engineering and Office. I just need to confirm it will work before I get started.

thank you!
0
claytarget
Asked:
claytarget
2 Solutions
 
Pete LongTechnical ConsultantCommented:
I see no reason why you cannot do this, you have a sec plus firewall, so have no limitations on VLANS.

PL
0
 
rauenpcCommented:
Pete is correct, you shouldn't have any restrictions. It can sometimes be a bit more complicated when it comes to ACL's and natting, but it can certainly be done.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now