• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 272
  • Last Modified:

Getting a new firewall

My home office firewall just died and looks like never coming back

I'm running off a UK broadband cable connection. I've just bought a Dlink DI-604 just to make sure I can get back on the net ASAP

I can get one of the following:

CISCO PIX 501 3DES Bundle (Chassis, SW, 10 Users, 3DES)

I thought I could put the DI-604 onto the cable modem and then untrusted users onto the DI-604, and isolate the development computers with the CISCO firewall for added security, so the WAN on the CISCO will plug into the LAN on the Dlink, and the WAN on the dlink into the broadband modem.

1. Any reason why this setup wouldn't work ?
2. Any reasons not to use a CISCO PIX in this configuration ?

3 Solutions
1. No.

2. No.
Most people will use the "firewall" (i.e., NAT) capabilities of the D-link to provide security.     You are unique, given that you're actually purchasing a Cisco firewall product for your private network.   Impressive.

It sounds like you're planning on putting the "good" users behind the PIX, and everyone else in a DMZ.   This should work fine, so long as you understand the network subnets and such.        The PIX line of firewalls is one of the most stable and secure that I know of.    I don't think you'
ll have any problems.
plqAuthor Commented:
Thanks very much for the feedback

I know the cisco inside the network is a bit extreme but I have computers the kids use, and I have sales people coming in now and again with all sorts of cr*p on their laptops. In addition if one or the other goes phut again I have a backup. Furthermore we VPN into clients networks quite a bit, so that can have a dedicated PC outside the cisco too.

One thing, I think the dlink will be a 192.168 address, does that cause any problems if the cisco people are on 10. and the dlinks on 192. ?.

Also more questions,
3. will the cisco act as a dhcp server and
4. would I need to put an windows server domain controller box inside the network.

Sorry for being so dumb at networking ! 500 points is a lot of beer money though !
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

No problem at all, the cisco will only route the traffic...

3: yes, the cisco act as a DHCP server..
4: and no, you do not have to install a windows server at all. the PIX is completly stand alone, and can act as a vpn device, and a dhcp server..
plqAuthor Commented:
Marvellous. Thanks for your help. Splitting points..
plqAuthor Commented:
And now its all working... didn't even need to RTFM !! thanks
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now