Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Network design question

This should be a relatively easy question:

We currently have a single 150 user Class C network-192.168.1.x that is quickly being used up.

In response to increased growth, we have decided to add additional networks and implement routing.

However, our firewall going out to the Internet is configured with ip address 192.168.1.1.

Question is:

Since we will need to use 192.168.1.1 address for our router interface, where does that leave the firewall?

Would it be a good idea to place the firewall on it's own network?

Let me know if you need more details.

2 REPLIES

Re: Network design question

You could place the router in between the hosts and the firewall, and reassign the subnets on the firewall = router side.

Internet

|

|

Firewall

|192.168.2.1

|

|192.168.2.2

Router

|192.168.1.1

|192.168.3.1 (secondary)

|

|

Internal network (192.168.1.0, 192.168.3.0)

Note that this config. needs a router with 2 ethernet interfaces.

Note that 192.168.3.0 was added as secondary, so that you can expand the number of hosts.

New Member

Re: Network design question

You can put the firewall in front of the DMZ. Meaning that any traffic coming in will first have to go through a firewall and any traffic going out will have to go through a firewall also before it goes out to the internet.

82
Views
0
Helpful
2
Replies
CreatePlease login to create content