From: jockey wearer (jockeywearer@gmail.com)
Date: Wed Mar 04 2009 - 04:50:22 ARST
Dear All,
Our Team has designed "Three tier security"* *design which consist of
ASA,Fortigate Appliace,Cisco 6500 FWSM devices
Internet Router----ASA----Fortigate FW----- cisco 6500 FWSM------All
Servers(Email Server-10.1.1.1)
!
!DMZ
!
External email
server(172.16.1.1)
I have planned to do natting on ASA for External servers connected to
fortigate.
I am in confusion that should I need to do NATTing on ASA and again on
Fortigate FW to hit to External Email server
eg.NATTing and allow needed services
On ASA 212.X.X.X ------> 192.168.1.1
On Fortigate FW 192.168.1.1 ------> 172.16.1.1 ( External Email
Server)
on FWSM again I have to do NAT for Email Server
(10.1.1.1)
I am little bit in confusion .
Can anybody guide me or suggest me what is best way to configure to Avoid
complex Configuration ?
I have to just complete essential setup and after that we can do improvement
for network .
Did Fortigate or ASA is right place where I can keep my External server in
DMZ ?
What is Best and simple Way?
Any update or guideline is highly appereciate.
Thanks
Prashant
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:04 ART