Cisco ASA - IP Addressing

- K
- K.J. 44
  
  Contact options for registered users
posted
17 years ago

Sun, Aug 27, 2006 6:29 PM

Hello,

I am setting up my network on a limited budget and have the internal network, hooked to an ISA Server, hooked to a Cisco ASA, hooked to a Cisco 1800 Series router, hooked to an Internet T1. My question is, does the ASA segment the network? In other words, are there two different netowrks, one on each side of the ASA?

something like:

Internal Network 1.1.1.0/24 ------- 1.1.1.1/24 ISA Box 1.1.2.1/24

--------- 1.1.2.2/24 Cisco ASA 1.1.3.1/24 --------- 1.1.3.2/24 Cisco

1800 Series Router PUBLIC IP ------T1------>

or is the ASA like a switch where it is a part of a broadcast domain and not segmenting it?

Also, do I need crossover cables to hook the ISA box to the ASA and the ASA to the router?

Thanks.

Loading thread data ...

- W
- Walter Roberson
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Sun, Aug 27, 2006 7:58 PM

The ASA can be set up as a Layer 2 Transparent Firewall, but historically the PIX it arose out of is a Layer 3 Firewall.

In the diagram you show, in which the interfaces of the ASA have different subnets, the ASA acts like a router. Broadcast packets will not pass through it unless you configure it to be Layer 2 Transparent.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.