Allow third party company to connect via Cisco PIX 501 safely
Posted on 2004-09-13
I am new to firewall and router setup and configuration.
The current setting is done by a third party company and now I am trying to do it myself to meet the new requirement.
The current scenario is:
In my main office, I have 2 routers (Router 805), 2 leased lines and 1 Cisco PIX 501 firewall. And in my branch office, I have 1 router (Router 805).
In the main office, the 2 routers are connected to the firewall, and the firewall is connected to a 3Com 12-port 10/100 switch. One of the routers is connected to the Internet and the other one (Router A) is connected to the branch office router (Router B).
The IP address of the firewall in main office is 192.168.41.1.
The gateway of the users in main office is 192.168.41.2 (Router A) and the gateway of the users in branch office is 192.168.42.50 (Router B).
Now, my main office has a 3rd leased line to connect to a third party company and thus has a 3rd router as well.
But I don’t know how to connect it to my current network securely, because my friend told me that the Cisco PIX 501 firewall has 4 ports and the 4 ports are trusted.
Thus, it is not safe if I just connect the 3rd router to the 3rd port on the firewall.
Any suggestions for the new requirement?
The purpose of the 3rd leased line is for some of my users to use the third party company's web-based software to key in sales orders, and the information is stored at the third party company.
The users will click the printing button to print but the printing command is sent from the third party company to my print server.
So, for outgoing, I need to open TCP port 80, and for incoming, I need to open a few ports (I don’t know which ports to open yet) to accept the printing command from the third party company's IP addresses (a few IP addresses).
And some users who need to access this web-based software also have Internet access.
Any suggestions or help are appreciated.