ASA 5510 as a router?

I am getting my internet service upgraded a would like to not have to buy a router. The ISP is handing off the connection as Ethernet and I was wonder if it were possible to directly connect the ISP's connection to my ASA's outside interface. To complicate things I also need additional IP addresses for web servers in the DMZ so my ISP gave me another block of Public IP's that are in a different subnet than my existing ones.

The scenario is something like this:

Internet Connection (serial) ISP 1.1.1.45 255.255.255.252 Me:

1.1.1.46 255.255.255.252 Existing IP's to NAT into DMZ 2.2.2.0 255.255.255.0 New IP's to NAT into DMZ 3.3.3.0 255.255.255.0

Can this be done? How?

Thank You, Rob

Reply to
reagleston
Loading thread data ...

You list serial connection here but mention ethernet above, which connection are you getting? If it is pure ethernet, like metro-ethernet then I see no reason why you could not plug that into the FW interface. If it is a serial connection (T-1, Frame,etc) there is no way this will work

Not sure about that...

Reply to
Chad Mahoney

It is ethernet. The ISP calls it the serial connection, but it is not a T1. I have plugged the connection in the outside interface an set the outside interface's IP address to be 1.1.1.46 (My side of the serial connection), and I can reach internet. So now how can I NAT those other two subnets to the web servers in the DMZ ?

Reply to
Rob

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.