Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

To choose a router/firewall or a firewall with DMZ

I have the following questions regarding to (Cisco's) router and firewall:

1) There are two kind of firewall:the standalone firewall (hardware) and the firewall embedded in a router (software based). Is the cml (command line coding system) same for both kind of firewalls? For example, can both use these statements?:

static (dmz,outside)tcp interface 80 WWW-DMZ-IP 80 netmask

2)If it is YES to Que #1, can I say that

the way I learnt to code a firewall embedded in a router can also be used to code a standalone (hardware) firewall, so I do not need a new training to start with, correct?

3) Could you please recommend entry level (lower end) router(s) that comes with a firewall and also support DMZ?

4) Could you please recommend entry level (lower end) standalone firewall (hardware) that supports DMZ?

Many thanks.


Re: To choose a router/firewall or a firewall with DMZ

The IOS Firewall Feature set differs from the Cisco Secure PIX Firewall. It's not hard to configure, the commands are slightly different comparing to IOS.

If you are conformtable with how a firewall works, and you take your time to read the configuration guide it's not that hard to configure.

Check out the Integrated Services Routes 1800,2800 and 3800 series. With the right IOS you should be OK.

If you need a higer port density (for DMZ purposes) you will be better of with PIX firewall 500 series for instance.