Even on a VPN connection that is established on the ASA 5500. ![]() ![]() Your ASA 5500 should allow you to access any VLAN created as subinterfaces on the LAN interface for Intervlan routing. So depending on one's definition of a DMZ your DMZ isn't really a DMZ zone. If your ASA 5500 is your perimeter router and your internet connection connects to it via WAN port, then your 3 VLANs you configured as subinterfaces on the LAN interface of the ASA 5500 are really all subnets of the ASA 5500 and are not segmented into seperate networks using a router and firewall. ![]() Have to remember that a DMZ zone is an area between your perimeter firewall and your firewall that protects the company network or is an area that is not protected by any firewalls but is behind a perimeter router and in front of the company firewall.
0 Comments
Leave a Reply. |