Home network setup - incorporating Cisco ASA 5505

3

I am planning to imlpement an ASA 5505 in my home network and I am wondering if this is a valid configuration. I am wondering if it is necessary to have 3 separate internal subnets or if these can be cabeled together in a more efficient fashion?

I plan to keep the 2 servers (game, e-mail) branched off the ASA directly in a DMZ configuration. The rest of the clients connect through the wireless/wired router.

Any unforseen problems with a setup like this (Modem -> Firewall -> Internal Router)? I have read sites that say I will have to accept an IP via DHCP for the ASA's external interface.

Below is my planned network diagram.

Image

Deepa Mathew

Posted 2011-08-12T18:35:56.660

Reputation: 31

Answers

1

Why have an ASA if you are just going to DMZ your machines? and why have one on NAT as well? and the servers will only be in a DMZ on their particular subnet, they'll still be behind the firewall of the cable modem. Why an additional subnet for the wireless - why not just have an access point and not NAT+DHCP?

Try to get your ISP to bridge the cable modem. Use the ASA as your primary router. Don't DMZ your servers, just open the appropriate ports. Run your wireless as an access point on the same subnet. All this will GREATLY simplify the setup and connectivity within and to your network and will save you a lot of frustration.

Basic Network Setup

MaQleod

Posted 2011-08-12T18:35:56.660

Reputation: 12 560

I agree with MaQleod. I had the EXACT same setup, my ISP modem was bridged, my ASA 5505 got it's outside interface IP via DHCP from ISP. My wireless router I turned into a wireless access point (bridge) on the same subnet as my inside subnet. The ASA would serve as a DHCP server for my inside subnet/network. Very simple to manage, very efficient and never had any problems segmenting everything as desired. – None – 2012-08-01T14:06:25.770

Asked: 2011-08-12T18:35:56.660

Viewed: 8 362 times

Active: 2018-09-16T15:42:36.477