?
Solved

PIX removal for 3725 security

Posted on 2006-06-30
13
Medium Priority
?
275 Views
Last Modified: 2013-11-16
We have a pix on the network presently and are going to remove it for a 3725 with security and firewall.. My boss told me there is a way to import all the rules and setting from the pix to the router does anyone know how to do this. We have a VPN and a few static address mapped to servers and it would be easier just to import and let the router do the work as I am not a router guy of this caliber.
0
Comment
Question by:arahming
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 2
13 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 1200 total points
ID: 17021401
Your boss lied to you. There is no such utility.
May I be so bold as to ask what your reasoning is to replace a PIX world class firewall with a router with stuck-on firewall "features"?
0
 
LVL 1

Author Comment

by:arahming
ID: 17021942
we are using the router to bring in both a dsl and a T1 connection I would rather just have the router bringing in the connections and keep the pix but we are both not router guys and he wants to use the statics from the dsl to. I probably sound stupid I have a CCNA and know how to setup a router for one connection thats about it
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 1200 total points
ID: 17022019
I'd still keep them both. Let the router make the routing decisions and let the PIX provide the security and VPN's.
You've got them both, what would you do with the PIX anyway? Use it as a doorstop?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 800 total points
ID: 17022891
:) lol

You don't sound stupid but the route you are following just doesn't seem to have any logic. As lrmoore has concisely explained, you have have the best hardware-based firewall and the 3725 would complement it superbly; it shouldn't replace it...
0
 
LVL 1

Author Comment

by:arahming
ID: 17024075
Even though the 3725 software comes with a firewall????
0
 
LVL 1

Author Comment

by:arahming
ID: 17024170
Hay does anyone know where a good white paper is for this configuration I mean I would rather not have to remove the Pix but with both connections coming in can I still use satic for both the adsl and t1 or am I going to loose 5 statics.  
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 800 total points
ID: 17024536
There is no comparison between the PIX firewall and the firewall feature-set on the 3725. This is why the pix is called a firewall and the 3725 is a router bu any other name.

Why should you lose any statics if you used both pix and 3725?
0
 
LVL 1

Author Comment

by:arahming
ID: 17025213
becuase the pix is configured to use the T1 Ip addresses accutaully would I have to configure nat on both the pix and the 3725. not sure how to set this up would have the 3725 with the v.35 than the adsl with the wic-adsl with pppoe. futhermore VPN's if we already have a VPN set up on one static can we set up another VPN for local users to log in or will using the wizard wipe out the other VPN
0
 
LVL 1

Author Comment

by:arahming
ID: 17025709
I am gonna give the pont out but if you guys could answer my last question it would be cool gonna split them up furthermore I have posted the VPN question somewher else with 500 points
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17026536
With a T1 you will have an IP address for your WAN port and another IP subnet block to use on your LAN side of the 3725. The PIX would get an IP address in the same IP range and do all the nat and statics.
If you set up one type of VPN with the wizards, you can always go back and to another type and it will not affect the existing one.

Thanks!
0
 
LVL 1

Author Comment

by:arahming
ID: 17026573
Hay Thanks allot guys I have negelted my Cisco got my CCNA in 2003 and have not touched a router sense. I am going to have to go back and get some more schooling but it looks like my new boss is going to be giving me allot of haves on.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 17026592
We'll be here to help you through the sticky parts.
0
 
LVL 1

Author Comment

by:arahming
ID: 17026599
PS I Have a hangover thats why the comment I made up top is kind of well you know
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question