Solved

Looking to upgrade my 5505 FW  to 5506 X

Posted on 2016-11-10
2
12 Views
Last Modified: 2016-11-30
Hello,

Have been thinking of upgrading my 5505 FW to a 5506X, and coincidentally, I am now having problems with the ICMP. The FW suddenly stopped blocking pings and everything seems like if they are hanging on the internet. Now all servers are pingable from both outside and inside. I have reviewed everything in the ASDM, but I am afraid to restart the FW, for fear that it may not boot up, or even more things could be wrong which will only show up after a reboot.

I am not a specialist in FW. So any expert advice will help me a great deal.
The second thing is I will like to know if i can use the same FW to create a DMZ with my two DNS servers on it with all my servers on the inside network and NAT them through to the outside as I have now. Is that the most reliable way to go about it. I am willing to spend a bit extra to have a setup with two FW's running as Active  Active. What all will i need to accomplish this setup?
Thank you in advance

Richard
0
Comment
Question by:Richard Thomas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 14

Accepted Solution

by:
SIM50 earned 500 total points (awarded by participants)
ID: 41882673
Have been thinking of upgrading my 5505 FW to a 5506X, and coincidentally, I am now having problems with the ICMP. The FW suddenly stopped blocking pings and everything seems like if they are hanging on the internet. Now all servers are pingable from both outside and inside. I have reviewed everything in the ASDM, but I am afraid to restart the FW, for fear that it may not boot up, or even more things could be wrong which will only show up after a reboot.

Can you post sanitized config?

The second thing is I will like to know if i can use the same FW to create a DMZ with my two DNS servers on it with all my servers on the inside network and NAT them through to the outside as I have now.

Yes. Instead of VLAN interfaces, you will have to configure physical ports. ASA5506X has all routed ports.

I am willing to spend a bit extra to have a setup with two FW's running as Active  Active.

Contexts are not supported in ASA5506X so you can't have active/active failover cluster. You can only have active/standby.
0
 
LVL 14

Expert Comment

by:SIM50
ID: 41907003
Answered.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WatchGuard T50 - Internet Priority Based on VLAN or User 1 78
Does Cisco ASA 5506-X have full dmz capabilities 3 138
Swapping port on a  Cisco 5510 firewall 1 47
TZ400 2 29
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question