Cisco Network Gateway
So, some context: I have been adding a ZeroTier gateway into my home lab and have managed it by adding it directly to my server VLAN with a static IP and all the required static routes, but I’m not sure if this is the best way to do this in production. The resources required remotely are all within this VLAN, so it seemed logical, but it is putting an external link directly inside my highest security level area and “bypassing” the ASA 5506 that’s my firewall (in production it is a Firepower 1010 with ASA software, but this works for a test lab).
So my question: would it be better to leave it as is, or to create a separate interface on the ASA and have it route the traffic according to static routes and ACLs, with the inside network at security level 100 and the ZT interface at level 80?
This is a relatively small network and I am not a network engineer by trade, so any suggestions would be appreciated. I don’t need it spoon-fed to me; I’m just after what would be considered best practice.
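The second option described in the post, sketched as ASA configuration (an added example, not part of the original post). The interface number, object names, subnets, host address and permitted ports are all constructed assumptions to be replaced with the lab's own values.

```cisco
! Constructed example: interface number, names and addresses are assumptions.
! Dedicated transit segment between the ASA and the ZeroTier gateway host.
interface GigabitEthernet1/3
 nameif zt
 security-level 80
 ip address 192.168.80.1 255.255.255.0
 no shutdown
!
! The ZeroTier overlay subnet is reached via the gateway host (assumed 192.168.80.2).
route zt 10.147.17.0 255.255.255.0 192.168.80.2
!
! Server VLAN sits behind the inside interface (security-level 100).
object network ZT-OVERLAY
 subnet 10.147.17.0 255.255.255.0
object network SRV-FILES
 host 192.168.10.20
!
! Traffic from level 80 to level 100 is dropped unless an ACL permits it,
! so list only the services remote users actually need.
access-list ZT_IN extended permit tcp object ZT-OVERLAY object SRV-FILES eq 445
access-list ZT_IN extended permit tcp object ZT-OVERLAY object SRV-FILES eq 3389
! Explicit deny with logging so blocked overlay traffic shows up in syslog.
access-list ZT_IN extended deny ip any any log
access-group ZT_IN in interface zt
```

Once `ZT_IN` is applied inbound on `zt`, it governs all traffic entering that interface, including traffic toward lower-security interfaces, so anything not listed is dropped and logged.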