We have a Cisco 800 Broadband router/modem in place providing ADSL broadband connectivity for a small site (acting as the default gateway) but no firewall. I know the 800 has a built in firewall (currently disabled) but the customer has already bought a Cisco Pix 506 firewall and wants it implemented. I have a few questions.
- Is it worth just using the firewall on the 800 instead? Does it provide the same features as the Pix? (customer requires remote access via VPN client and hosts an Exchange server)
- If the best solution is implementing the Pix, how best should I wire up and configure both devices.
This customer will also be hosting a web server in the near future so any config will need to be able to accommodate this.
The current config on the 800 use PAT for internal client Internet access and forwards port 25 traffic to their Exchange server.
Also, I've already tried configuring the Pix (inside interface on 800 into outside interface on Pix via an unused switch and making inside interface on Pix the default gateway) and implementing a standard config (attached) but couldn't get it working (could ping internet IP addresses on the Pix but not from a client).
Apologies for the complicated/convoluted nature of this mail - this is a customer I've inherited and I'm trying to make sense of their setup/requirements. This is also my first experience of the 800.
Any help would be greatly appreciated.