Options

New Router and ASA 5500 Question

fommyfommy Member Posts: 42 ■■□□□□□□□□
in Off-Topic
hey everyone,

wonder if you can shed some light on how I can do this, basically I have purachased 1 x 2800 router and 2 x asa 5500 appliances.

I have one internet connection coming into my office, so I will connect that into my router. But what i want to do next is split this connection coming out of my router into each of the asa 5500 appliances.

I have bought the extra Gbit card so I have all the hardware.

1. How can I do this?

2. Will this work more to the point?

Thanks peeps.

Matt.

errrrrrrr
MCITP Enterprise Admin then CCNA - as I failed CCNA twice now. boohoo
· Share on FacebookShare on Twitter

Comments

  • Options
    ClaymooreClaymoore Member Posts: 1,637
    Why do you want to split the connection to the ASAs?

    If you are trying to load balance or failover the ASAs for internet high availability, you should put a switch in front of them (instead of a router) so the Outside interfaces are on the same network.

    If you are trying to create separate security zones, the ASAs have multiple interfaces that could be defined - such as Inside, DMZ, etc - and different security policies applied to each.

    If this is for a different reason or purely academic, then yes it is possible. Just assign different IPs to each router interface and let the router do its thing.
    Clay Moore's Blog
    · Share on FacebookShare on Twitter
  • Options
    jworleyjworley Member Posts: 39 ■■□□□□□□□□
    ^+1

    really not sure why you'd want to do that. A single ASA can have multiple zones. As Claymoore said, though, you can technically do it buy IPing two interfaces on the router in different subnets, then IP the ASAs accordingly.
    "I asked, 'Why do you bring a gun to a UFO sighting?' Guy said, 'Way-ul, we didn wanna be ab-duc-ted.' If I lived in Fife, Alabama, I would be on my hands and knees every night praying for abduction" -Bill Hicks
    · Share on FacebookShare on Twitter
Sign In or Register to comment.