Hi,
I have been assigned a project to configure ASA 5510 from the scratch to connect and monitor the devices between servers.
ASA 202 needs 4 interfaces configuring
ASA 102 needs 3 interfaces configuring
ASA 202
interface e0/2 is connected to switch U1-1. This switch is ultimately connected to another switch U1-2 (vlan 10) where the first set of monitoring devices are kept.
interface e0/1 is connected to switch U2-1. this switch is connected to another switch U2-2 (vlan 20) where the second set of monitoring devices are kept.
interface e 0/0 is connected to another DMZ switch SW15 where another server resides. This server has various interfaces and connected to switch SW15 on various ports.
The last interface is for management purpose and is connected to another switch which leads to outside world.
i have done the basic configuration. is it correct?
ASA202
interface Ethernet0/0
nameif dmz
ip address X.X.X.X 255.255.255.240
security-level 50
speed 100
duplex full
no shut
interface Management0/0
nameif management
security-level 100
ip address X.X.X.X 255.255.255.0
speed 100
duplex full
no shut
interface vlan10
nameif inside
security-level 100
ip address X.X.X.X 255.255.255.0
no shutdown
interface vlan20
nameif inside
ip address X.X.X.X 255.255.255.0
security-level 100
no shutdown
interface Ethernet 0/1
switchport access vlan 20
no shutdown
interface Ethernet 0/2
switchport access vlan 10
no shutdown
This is a second firewall configuration ASA
ASA 102
interface e 0/1 is connected to switch SW15 via trunk
interface e0/0 is connected to outside world via another switch
The last interface is for management purpose.
hostname ASA102
interface Ethernet0/0
nameif outside
ip address x.x.x.x 255.255.255.240
security-level 0
speed 100
duplex full
no shut
interface Management0/0
nameif management
security-level 100
ip address x.x.x.x 255.255.255.0
speed 100
duplex full
no shut
interface Ethernet0/1
no nameif
security-level 100
no ip address
no shut
interface Ethernet0/1.1
description vlan 2
vlan 2
nameif Vlan2
security-level 100
ip address x.x.x.x 255.255.255.240
no shut
interface Ethernet0/1.2
description vlan 198
vlan 198
nameif Vlan 198
security-level 100
ip address x.x.x.x 255.255.255.240
no shut
interface Ethernet0/1.3
description vlan 296
vlan 296
nameif Vlan 296
security-level 100
ip address x.x.x.x 255.255.255.240
no shut
interface Ethernet0/1.4
description vlan 299
vlan 299
nameif Vlan 299
security-level 100
ip address x.x.x.x 255.255.255.240
no shut
Can you please check the config i have prepared for the firewalls. i will post the rest of the config bit by bit as i configure them according to the need. and let u know. thanks
