LinuxLists.cc - How to Setup TWO DMZ Zones (DMZ1 and DMZ2) on the Cisco ASA 5506-X Firewall

2020-08-11 14:39:08

Subject: How to Setup TWO DMZ Zones (DMZ1 and DMZ2) on the Cisco ASA 5506-X Firewall

Subject: How to Setup TWO DMZ Zones (DMZ1 and DMZ2) on the Cisco ASA
5506-X Firewall

Author: Mr. Turritopsis Dohrnii Teo En Ming (Targeted Individual)
Country: Singapore, Singapore, Singapore
Date: 11 August 2020 Tuesday Singapore Time
Type of Publication: Plain Text

Cisco ASA firewall appliances are based on open source software.

Reference Guide: Cisco ASA DMZ Configuration Example
Link: https://www.speaknetworks.com/cisco-asa-dmz-configuration-example/

Cisco ASA CLI commands:

interface GigabitEthernet1/6
description to DMZ1
nameif dmz1
security-level 50
ip address 192.168.1.1 255.255.255.0

interface GigabitEthernet1/7
description to DMZ2
nameif dmz2
security-level 50
ip address 192.168.2.1 255.255.255.0

nat (dmz1,outside) after-auto source dynamic any interface
nat (dmz2,outside) after-auto source dynamic any interface

object network DMZ1SERVER-EXT
host <public WAN IP address #1>

object network DMZ1SERVER-INT
host 192.168.1.10

nat (dmz1,outside) static DMZ1SERVER-EXT service tcp ssh ssh

access-list OUTSIDE extended permit tcp any object DMZ1SERVER-INT eq ssh

access-group OUTSIDE in interface outside

object network DMZ2SERVER-EXT
host <public WAN IP address #2>

object network DMZ2SERVER-INT
host 192.168.2.10

nat (dmz2,outside) static DMZ2SERVER-EXT service tcp ssh ssh

access-list OUTSIDE extended permit tcp any object DMZ2SERVER-INT eq ssh

access-group OUTSIDE in interface outside

copy run start

Additional Learning Material
============================

Reference Guide: Remote Access IPsec VPNs
Link:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/vpn/asa-95-vpn-config/vpn-remote-access.html

--
-----BEGIN EMAIL SIGNATURE-----

The Gospel for all Targeted Individuals (TIs):

[The New York Times] Microwave Weapons Are Prime Suspect in Ills of
U.S. Embassy Workers

Link:
https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html

********************************************************************************************

Singaporean Mr. Turritopsis Dohrnii Teo En Ming's Academic
Qualifications as at 14 Feb 2019 and refugee seeking attempts at the
United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan (5 Aug
2019) and Australia (25 Dec 2019 to 9 Jan 2020):

[1] https://tdtemcerts.wordpress.com/

[2] https://tdtemcerts.blogspot.sg/

[3] https://www.scribd.com/user/270125049/Teo-En-Ming

-----END EMAIL SIGNATURE-----