06-14-2008 09:14 AM
My GW router is getting many IP spoofing and other attempts.My internet traffic suddenly goes up without any reason.
To tackle with i have get a pix 501.What must be the physical placement of the firewall. Should i place it behind my internet router (b/w internet router and LAN) or even before internet router to avoid unwanted traffic ?
06-14-2008 09:17 AM
behind your internet router. by default the PIX will block any inbound connection and permit ip outbound.
internet GW --- PIX501-----LAN
Francisco
06-14-2008 09:34 AM
Ok..
My internet bandwidth is being dropped on my router. if i use pix behind the router can i stop the illegal b/w usage ?
Please also qoute some idea of pix and router optimization config to avoid and save bandwidth usage
THANKS
06-14-2008 09:54 AM
munawar,
firstly, you will need to find out what is utilizing your internet bandwidth before you can stop.
06-14-2008 02:27 PM
In addition to Francisco's post, you may need to do additional filtering in your router facing ISP/Internet, even by placing firewall it is recommended to implement some additional security in your edge router.
Go over this link which provides anti-spoofing acls .
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml
Rgds
-Jorge
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: