Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Firewall / Router Solution

Posted on 2007-03-19
4
220 Views
Last Modified: 2013-11-16
Hey gang,

I have a small business that uses an ASP (application service provider) for their main day-to-day duties.  The office staff is about 12 employees, but they also have about 10 remote users (mostly using OWA or RDP).  They are currently using a T1 for internet with 8 channels being used for voice and the rest for data.  Since they’ve migrated to the new app, the internet and application performance has come to a crawl.  Based on the calculations from the ASP on the amount of  bandwidth need per user, they’ve decided to get a 2nd T1 dedicated for the ASP.  

So, the question is, aside from spending $3500 on a Cisco 2821, is there a more cost effective firewall solution that can route all traffic destined for the ASP's IP to T1b, and everything else to T1a?   Would using 2 cheaper firewalls work if made FirewallA the DG, and then put a static route on it that said anything destined for application.aspcompany.com route to internal interface on FirewallB?

Any ideas / recommendations appreciated.
0
Comment
Question by:DMJorgensen
  • 2
4 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 18753795
Personaly opinion, get two T1's and bond them together.  Makes everybody happer, except the accountants.

A single firewall should be able to handle this easily.  You could either have two "outside" interfaces, one for T1a and one for T1b.  Or a single interface with two sub interfaces.  Either way you still have a static route for the IP address of the application server that points to the router for T1b and leave a default route pointing to the router of T1a.

However, are you getting the $3500 Cisco to connect both T1's?  If so, the the static route would go into the 2821 and you just have the firewall forward everything to the 2821.  The 2821 would then route based on going to the application server (static route) or not going to application server (default route).
0
 
LVL 5

Author Comment

by:DMJorgensen
ID: 18756039
The 2821 will definitly do what I want, but I'm looking for something that's cheaper.  This is a small business that would prefer not to spend the $3500.  Are there chearper firewalls with 1 LAN and 2 WAN ports?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
ID: 18756273
You may want to look at the 1841.  I think it is about US$1,500.
0
 
LVL 25

Assisted Solution

by:Cyclops3590
Cyclops3590 earned 250 total points
ID: 18758326
personally I'd go with an ASA 5510.  It can easily handle what you want and for about $2000.  And please correct me if I'm wrong, but for some reason I believe the SmartNET is about $500-$600.
Default license enables 3 interfaces (plus mgmt int).  So you can have your lan and app networks.
Supports vpn very well, and gives you plenty of upgrade options, IPS module, SSL VPN, etc.
At least that's the way I'd go.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN Connection WIndows 10 5 61
How to read network slash info 7 44
ASA5510 Blocking a Wanted Website/Host 9 25
Dell PowerConnect 2824 w/ two DHCP 6 22
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question