Scenario 4: Private VLAN Services - Cisco ASA 5505 Getting Started Manual


Deployment Scenarios with VLANs

Scenario 4: Private VLAN Services

Cisco ASA 5505 Getting Started Guide
In this example, the physical ports on the ASA 5505 are used as follows: the
Inside VLAN includes three Ethernet switch ports and a PoE switch port for an IP
phone and other PoE devices. The number of ports can be increased by adding an
additional switch or hub to the Inside VLAN.
The Internet VLAN includes two Ethernet switch ports that connect to two
different ISPs using separate WAN routers or broadband modems, which provides
highly reliable Internet connectivity.
In Figure 2-4, web servers located in the same VLAN are not permitted to
communicate with each other. This type of configuration increases the security of
individual switch ports and segregates traffic for all devices connected to the ASA
5505. When you isolate devices in this manner, security for the individual servers
is enhanced because if one server experiences a virus infection or other security
breach, then the breach is confined to that device.
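
An added check, not taken from the Cisco guide: the guide does not name the command, but on the ASA 5505 this same-VLAN isolation is set per switch port with `switchport protected`, and only traffic between two protected ports is blocked. The script flags active ports in a VLAN that lack it; the sample configuration and the use of VLAN 30 for the Web Services (DMZ) VLAN are constructed assumptions.

```python
import re

# Constructed sample of an ASA 5505 running-config excerpt (not from the guide).
# Assumption: VLAN 30 is the Web Services (DMZ) VLAN.
SAMPLE_CONFIG = """\
interface Ethernet0/3
 switchport access vlan 30
 switchport protected
!
interface Ethernet0/4
 switchport access vlan 30
!
interface Ethernet0/5
 switchport access vlan 30
 shutdown
!
interface Ethernet0/6
!
"""

def parse_switch_ports(config):
    """Return {port: {"vlan": int, "protected": bool, "shutdown": bool}}."""
    ports, current = {}, None
    for line in config.splitlines():
        m = re.match(r"^interface (Ethernet\d+/\d+)\s*$", line)
        if m:
            # ASA 5505 switch ports default to VLAN 1 when no access VLAN is set.
            current = ports.setdefault(
                m.group(1), {"vlan": 1, "protected": False, "shutdown": False})
        elif not line.startswith(" "):
            current = None  # left the interface stanza
        elif current is not None:
            cmd = line.strip()
            m = re.match(r"^switchport access vlan (\d+)$", cmd)
            if m:
                current["vlan"] = int(m.group(1))
            elif cmd == "switchport protected":
                current["protected"] = True
            elif cmd == "shutdown":
                current["shutdown"] = True
    return ports

def unisolated_ports(config, vlan):
    """Active ports in `vlan` that can still reach other ports in that VLAN."""
    return sorted(name for name, p in parse_switch_ports(config).items()
                  if p["vlan"] == vlan and not p["shutdown"] and not p["protected"])

if __name__ == "__main__":
    print(unisolated_ports(SAMPLE_CONFIG, 30))
```

Every server port in the isolated VLAN should come back clean; a single unprotected port can still exchange traffic with the protected ones.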
Figure 2-4   VLAN with No Communication Permitted Between Web Servers
[Figure labels: Web Services VLAN (DMZ); Business VLAN; Internet VLAN; ASA 5505; Printer; Personal computer; Router; Internet; Power cable]
Chapter 2   Planning for a VLAN Configuration
78-17612-01
