I'm having to do a rushed migration from a Cisco ASA5510 HA pair to UTM 320s (FW 9.000-8). We'd planned on doing this in a rational manner, but one of the ASAs quit so now I'm scrambling to get the configuration done.
The UTM will sit in front of an e-commerce co-lo installation, and thus will have multiple NATed sites and web services.
I've finally wrapped my aching brain around the idea that I need to explicitly add the external addresses of these sites and services as additional addresses on the external interface. Since I have dozens of distinct addresses, my network definition list is getting extremely cluttered with "broadcast addresses" and "attached network aliases" for each of these additional addresses. I can understand one, for the primary external address, but two additional entries for each is kind of ridiculous.
There's no equivalent to explicitly adding these addresses in iOS for the ASA. Is there any way to prevent these additional entities from being created? Does the presence of these entities mean I'm creating the addresses wrong? Is there a case study/step-by-step guide? I'm finding the documentation a little thin.
Thanks in advance.
The UTM will sit in front of an e-commerce co-lo installation, and thus will have multiple NATed sites and web services.
I've finally wrapped my aching brain around the idea that I need to explicitly add the external addresses of these sites and services as additional addresses on the external interface. Since I have dozens of distinct addresses, my network definition list is getting extremely cluttered with "broadcast addresses" and "attached network aliases" for each of these additional addresses. I can understand one, for the primary external address, but two additional entries for each is kind of ridiculous.
There's no equivalent to explicitly adding these addresses in iOS for the ASA. Is there any way to prevent these additional entities from being created? Does the presence of these entities mean I'm creating the addresses wrong? Is there a case study/step-by-step guide? I'm finding the documentation a little thin.
Thanks in advance.