LAB Task
1) Configure the all basic configuration according to topology in case of ASA inside security level 80, DMZ security level 50 and 0 security level for outside network.
2) Configure the routing for inside and DMZ(Data Center) zone we uses static(Known Network) route and for outside we uses default(Unknown Network) route.
Addressing:
LAB Solution
#Inside Zone#####################################################################
R1#
hostname R1
interface Loopback0
ip address 1.1.1.1 255.255.255.255
interface Ethernet0/0
ip address 10.1.101.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.1.101.10
R1#
#Outside Zone####################################################################
R2#
hostname R2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
interface Ethernet0/0
ip address 10.1.102.2 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.1.101.10
R2#
#DMZ Zone###################################################################
R4(config)#
hostname R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
interface Ethernet0/0
ip address 10.1.104.4 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.1.104.10
R4(config)#
#ASA Firewall################################################################
AAA(config)#
hostname AAA
interface Ethernet0
nameif outside
security-level 0
ip address 10.1.102.10 255.255.255.0
interface Ethernet1
nameif inside
security-level 80
ip address 10.1.101.10 255.255.255.0
interface Ethernet2
nameif DMZ
security-level 50
ip address 10.1.104.10 255.255.255.0
route outside 0.0.0.0 0.0.0.0 10.1.102.2 1
route inside 1.1.1.1 255.255.255.255 10.1.101.1 1
route DMZ 4.4.4.4 255.255.255.255 10.1.104.4 1
AAA(config)#
################################################################################
Thanks
No comments:
Post a Comment