We are looking to set up Site to Site VPN solution to connect a few (~5) small sites to our WAN. Our service provider has proposed a solution based on 1700 routers with VPN modules (at both ends). At the head end they have also given us the option of a separate firewall between the Internet and the VPN router.
What are the additional security risks (if any) of not having the Firewall (it more than doubles the cost)? Does anyone know of any white papers etc detailling the pros and cons. I have looked at the Cisco SAFE documents.
Cisco SAFE documents should have details on these already, but for the most part Firewalls can provide you with layered Security, so even if the Routers could have been vunerable to a well organised attack, it will be almost impossible to make one happen with a Firewall and Access-lists applied on a Router, both implemented together to complement each other.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...