Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Box for VPN/DMZ

I was looking to get a 17xx with two additional Ethernet WIC (so 3 10BT ports total) to setup a VPN node and put a mail/web server in a DMZ.

Unfortunately, I found out that they only actually support 1 additional Ethernet WIC and to set up a DMZ I'd need to have a DSL or other WIC interface to the ISP, use the Ethernet WIC for the DMZ and use the built in Ethernet for the Private Lan.

So, can what box should I get for VPN + DMZ -- can a 2600 help me? Can I still use a 1751 and uses VLANs somehow to create the DMZ and Private (v)LANs? Can I get forget about the DMZ and use NAT/PAT to expose private servers? What's the best solution?

Any help or experiences would be appricated.

New Member

Re: Box for VPN/DMZ

Have you considered using a PIX515 firewall? In your situation, you do not require a seperate router. Otherwise you might want to consider the 2600 router family.

New Member

Re: Box for VPN/DMZ

Layer seperating the DMZ is always recommended. The 2600 is a good choice. The 2621 and 2651 are good bets and you can add more ethernet and WIC ports if you need them. It's wise to order the IOS firewall feature set and the encryption feature.

CreatePlease login to create content