cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
417
Views
0
Helpful
2
Replies

Box for VPN/DMZ

tymes
Level 1
Level 1

I was looking to get a 17xx with two additional Ethernet WIC (so 3 10BT ports total) to setup a VPN node and put a mail/web server in a DMZ.

Unfortunately, I found out that they only actually support 1 additional Ethernet WIC and to set up a DMZ I'd need to have a DSL or other WIC interface to the ISP, use the Ethernet WIC for the DMZ and use the built in Ethernet for the Private Lan.

So, can what box should I get for VPN + DMZ -- can a 2600 help me? Can I still use a 1751 and uses VLANs somehow to create the DMZ and Private (v)LANs? Can I get forget about the DMZ and use NAT/PAT to expose private servers? What's the best solution?

Any help or experiences would be appricated.

2 Replies 2

rrbleeker
Level 1
Level 1

Have you considered using a PIX515 firewall? In your situation, you do not require a seperate router. Otherwise you might want to consider the 2600 router family.

thompson
Level 1
Level 1

Layer seperating the DMZ is always recommended. The 2600 is a good choice. The 2621 and 2651 are good bets and you can add more ethernet and WIC ports if you need them. It's wise to order the IOS firewall feature set and the encryption feature.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: