Solved

No ACLs in router if firewall is behind it?

Posted on 2009-05-04
1
231 Views
Last Modified: 2012-05-06
We have a remote site with a T1 to the internet.
They have an 1841 router with an ASA behind it.

I noticed the router itself has no ACLs on it to protect it from the outside world. But the ASA is properly configured.  I understand that your firewalls should be doing the packet filtering, but is this best practices? We do have several tunnels terminating in the ASA
0
Comment
Question by:dissolved
1 Comment
 
LVL 3

Accepted Solution

by:
yegs2000 earned 500 total points
ID: 24300028
well, for good measure, if you remotely adminster the device (router), I would recommend maybe filter telnet and traffic destined to the device. Just make sure that it is locked down, so outside intruders cannot get into the router. Make sure all management options are locked down only to you.

Other than that, it should be fine to let the ASA do the rest of the work.

-yegs
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ACS vs NAC 2 94
HP 802.11g Wireless Printer Card For Deskjet 460 9 77
Watchguard XTM 2 84
Cheap Gigabit Switch with trunking support for iSCSI and ethernet connections. 3 88
The following recovery method will work on All Cisco Switchs that run ISO software. You will need a good copy of the IOS version you want you use saved on your PC and a Com's Cable. The software for these switches comes as a .tar file. Tar is …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question