Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Firewalling: Best Practise?

We have purchased a Cisco ASA 5505 to protect the servers behind it and I have a question on how to go about it. This is what we have:

- 5 servers with dedicated public IPs and some have more than one (web hosting)

- 2 switches, one for public network and one for internal netowkr (for backing up and faster access between the servers)

What we want to achieve:

- Place all the servers behind the firewall so we can control ports per server

- Have a site-to-site VPN so we can access the UC560 that is hosted at this site for our telephones at this office (already working)

Any suggestions/recommendations? Should be still have an private IP addressing?

Many thanks,

Dmitry

1 REPLY

Firewalling: Best Practise?

Hello Dmitry,

That depends on you, you can disable nat control and use the public ip addresses, I would rather to use nat as it adds a little bit of security to your network as the outside users will not know witch is the private ip address of each internal server.

You will be able to accomplish all you are looking for, seems like the ASA is the firewall device that will implement all your needs on the best way!

Hope this helps.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
217
Views
0
Helpful
1
Replies
CreatePlease to create content