Firewalling 2 live WAN links

- P
- psychogenic
  
  Contact options for registered users
posted
16 years ago

Tue, Sep 4, 2007 8:10 PM

I currently have one ASA 5510 sitting behind one of my edge routers and I'd like to also use this same device to firewall another WAN link. Currently the 2 networks behind each WAN link can talk to each other through our core router. Is this doable? Would I need to configure 2 inside interfaces so that traffic destined for either of those WANs have their own gateway? Can this be accomplished with just one inside interface? The end result will look something like this (Ip ranges are just examples):

10.1.1.0/24 WAN B = = Router B = = ASA 5510 = = Router A = = WAN A 20.1.1.0/24 = = Core Router 192.168.1.0/24 Internal Network

It's all static routing here.

Loading thread data ...

- P
- psychogenic
  
  Contact options for registered users
Vote on answer
posted
16 years ago

Wed, Sep 5, 2007 1:32 PM

Here is an example of what my current network looks like (IPs are just examples):

WAN B = = Router B = = ASA 5510 = = Core Router = = Router A = = Wan A = = Internal Network

WAN B network 192.168.10.0/24 WAN A network 192.168.20.0/24 Internal network 192.168.30.0/24

On the core router I have static routes to forward traffic destined for WAN A to Router A and traffic to WAN B to the ASA 5510. On the ASA I have routers set to forward all traffic coming out of the outside i/ f to Router B and all traffic from the inside i/f to the core router. Simple stuff. However now I want to move that Router A link up to the ASA 5510 so that both are firewalled.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.