Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

securing my remote sites

I have a Cisco 2611 router which I use to connect to the internet but at the same time to some remote sites. I have a firewall between this router and my internal Cisco 2610 router which connects my LAN and other remote sites. My company says it can not buy another 2611 router, so that the remote sites connected to the internet router are protected by my firewall using the proposed new Cisco 2611 router, leaving the Cisco 2611 router connected to the internet outside.I still want to protect my remote sites. Would anyone know how I can go about this problem.

  • Other Network Infrastructure Subjects
New Member

Re: securing my remote sites

Hi Dickson,

Do you have a CiscoSecure ACS server running on your LAN to authenticate the current remote users on the 2611? How do they access the network, ISDN, analogue dial?

Without knowing much about your network, and assuming that you MAY have the budget available, assuming that the slots on the 2610 are fully populated, I'd go for configuring the NAS/internet router to use TACACS+ authentication on the ACS server. You can also authenticate them at the PIX (is it a PIX?) before they even get to the network. Can't remember how - but it may be worth your while posting this question on the Security forum as you'll get far more sense and better advice from the guys there.

Ideally you want to shift the remotes from the 2611 to the 2610, but again, that depends on the cards installed. Can you upgrade a card to support more users? Difficult to recommend more without knowing more about your hardware configuration. But as I say, try the Security forum, there are some really switched on guys there!!



New Member

Re: securing my remote sites

oops - sorry- -just seen the post on the security site!!

This widget could not be displayed.