×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

PIX 515

Unanswered Question
Mar 16th, 2004
User Badges:
  • Bronze, 100 points or more

Can I replace first firewall and first router (from internet side) with one cisco PIX 515 firewall?

In that case firewall will be connected direct to www, mail, ftp serwer, router for workgroup and server with IPSec for wi-fi


http://www.cisco.com/en/US/products...4094/index.html


It have NAT, DHCPD and can operate on 6 10/100 Fast Ethernet interfaces.


Is this possible/good solution ??


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vmiller Wed, 03/17/2004 - 13:23
User Badges:
  • Gold, 750 points or more

you can replace the firewall. Pixes do not route.

IAN WHITMORE Fri, 03/19/2004 - 07:47
User Badges:
  • Silver, 250 points or more

Not possible/ not good (actually I don´t know if it´s possible-depends on your routing). I DO know that PIX´s are not routers and cannot route so it´s not a good idea. I also know that the Cisco recommended solution (SAFE) is to have an external router as your permiter (first-line) security.


Basically, plug router into e0 interface on the PIX and the other end into ISP. PIX default route sends all traffic to router ethernet interface. Much easier this way!

Actions

This Discussion