Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
509
Views
3
Helpful
7
Replies

Just can't wrap my head around it.

ciscoadmin
Level 1
Level 1

‎11-08-2006 08:04 PM - edited ‎03-05-2019 12:42 PM

We need to split off our users to a different subnet. My first thought is to put a 2620 between the two subnets and behind the firewall. The design is like so. Interner router then fire wall then internal router then switches for each subnet. We have servers that are email gateways and webmail and web access. My question is if I place this router in between the servers and the firewall how can I still make the web facing services avalible?

Labels:
0 Helpful
7 Replies 7

spremkumar
Level 9
Level 9

‎11-08-2006 08:40 PM

Hi

Instead of brining in a new router in your network which is again a one point of failure try to configure different zones in your firewall if you have the compatibility/feature available with your current box.

Place the servers onto the less secured zone and your lan onto a highly secured zone.

regds

0 Helpful

ciscoadmin
Level 1
Level 1
In response to spremkumar

‎11-09-2006 08:11 AM

Well I had not thought of that and I will look into it. We are looking to have the servers on one subnet say 172.16.1.x and the users on 172.16.10.x will the pix be able to handle traffic like that users talking to email and such? That is why I thought of a router first.

0 Helpful

amit-singh
Level 8
Level 8
In response to ciscoadmin

‎11-09-2006 09:05 AM

Yes, The Pix will be able to handle the traffic like that. Pix is a security device provides the secure connectvity by filtering the unwanted traffic between the different zones.

HTH,

-amit singh

0 Helpful

ciscoadmin
Level 1
Level 1
In response to amit-singh

‎11-15-2006 03:39 PM

Could this be done using Vlans on my switches? Or would it be best done on the PIX. If so is there sone documentation on the PIX setup?

0 Helpful

spremkumar
Level 9
Level 9
In response to ciscoadmin

‎11-15-2006 08:21 PM

Hi

You can configure vlans in your pix firewall as per your requirement which also depends on the number of vlans supported in the particular platform.

VLAN support comes up with PIX OS version 6.3 onwards..

you can refer this link for more info..

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172786.html#wp1113411

regds

ciscoadmin
Level 1
Level 1
In response to spremkumar

‎11-16-2006 08:06 AM

Thanks for the info I will look into it. Now with a vlan on the Pix I assume I would need vlans on the switches alos right?

0 Helpful

ciscoadmin
Level 1
Level 1
In response to ciscoadmin

‎11-16-2006 11:16 AM

Here is another question I can install 2 nics into the Pix, I am thinking I could segment off the servers on one of those nic. Is my thinking correct?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card