Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

PIX F/W design

hi

i need a very basic info of placing a PIX in a small N/W.

we hve a LL from ISP terminating in our router and we hve a small group of pcs(in private subnet).

right now i hve connected my routers eth,pix public eth in a seperate switch.

private eth port of pix is connected to a switch where my local pcs r connected.

is this topology a right one ?

can i break this and connect all (router/pix/my lan) in a single switch?

thx in adv

prem

1 REPLY

Re: PIX F/W design

Hi Prem,

Your design sounds fine and your idea to plug this into one switch should also be fine. I would suggest creating 2 VLAN's on your switch for the "outside" and "inside" connections to increase the security level a bit. With this design in place, your only real concern (physically) is VLAN hopping which is more theoretical than practical. If VLAN hopping is a security concern of yours, physically seperating the "outside" and "inside" switches is necessary. Hope this helps.

Scott

76
Views
0
Helpful
1
Replies
CreatePlease to create content