Can we terminate an internet link with ethernet handoff on a firewall.If yes what are the pros and cons of it.how the routing will be done in this case.
please assit with above queries.
Yes you can and the routing would be quite simple ie. you would simply need a default-route on the ASA pointing to the upstream ISP router eg.
ip route 0.0.0.0 0.0.0.0
As for pros and cons. Well routers have more functionality such as a much more fully featured QOS toolset but then if it is Internet connectivity your QOS options are limited anyway. An upstream router can also be used to filter out some of the more general traffic ie. you should not see any private RFC addressing coming from the Internet so you can have a basic acl on the router to filter this out.
But probably the most common reason to use a router is that the handoff is not ethernet which was happened a lot in the past. Nowadays with ethernet becoming more prevalent in WAN as well as LAN it is perfectly acceptable to terminate your connection directly to the ASA.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...