Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
419
Views
0
Helpful
5
Replies

FW Implementation - Design

subra4u
Level 1
Level 1

‎03-06-2008 06:18 AM - edited ‎03-03-2019 09:00 PM

Hi All,

Please look into the attached Diagram. We have got some 3640 routers and 7507 BG router with Public Networks A throuh I as mentioned in the Diagram.

We are looking to introdue a Cisco ASA 5500 into the network for the Public Networks A through E and I and H. Public Networks F and G will not be behind the FW post implmentation.

We are thinking of introducing a Cisco 3560G-24 Switches to do the job.The implementation will also offload the Public Networks F and G from the BG(Border Gateway).

Please give me some inputs on this.

Regards

Subra4u

I am little confused on where to place the FW because the Implementation should be a first step for a near future redundant setup in terms of connectivity and HW.

Labels:
Preview file
142 KB
0 Helpful
5 Replies 5

subra4u
Level 1
Level 1

‎03-06-2008 07:37 AM

Any Help is greatly appreciated

0 Helpful

Mohamed Sobair
Level 7
Level 7

‎03-06-2008 07:55 AM

Hi,

The appropriate setup is to place a Firewall behind the GW which connects to the internet.

Could you clarify why Public Networks F/G is not behind a FW, and what is the rest of the public Networks represent.

HTH

Mohamed

0 Helpful

subra4u
Level 1
Level 1
In response to Mohamed Sobair

‎03-06-2008 08:06 AM

Hi,

Thanks for your response.

Public Networks F and G are Media (meaning voice)

Other Public Networks are for Data.Each Public network is atleast a /24 subnet.

Do we really need two L3 switches for deploy this ?

The BG router can only do Fibre Gigabit and not copper.

Thanks in Advance.

Regards

Subra4u

0 Helpful

Danilo Dy
VIP Alumni
VIP Alumni
In response to subra4u

‎03-06-2008 08:15 AM

Hi,

Your planned setup is okay. No, you don't need a L3 Switch. Most firewall nowadays support 802.1Q trunking.

If budget is tight, you can use one L2 switch for initial setup (use VLANs), that is if the L2 switch has enough ports to connect the firewall, BG router, and A to I. Else you really need 2 x L2 switches, one that supports SFP for Fibre GE and other media to connect BG router, Firewall and F & G.

Regards,

Dandy

0 Helpful

subra4u
Level 1
Level 1
In response to Danilo Dy

‎03-06-2008 08:46 AM

Hi Medan,

Thanks for the quick response.

With the current setup can we add additional link from the BG and connect it to another switch and run HSRP to bring failover.

Thanks & Regards

Sundar

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card