No ACLs in router if firewall is behind it?

Posted on 2009-05-04
Medium Priority
Last Modified: 2012-05-06
We have a remote site with a T1 to the internet.
They have an 1841 router with an ASA behind it.

I noticed the router itself has no ACLs on it to protect it from the outside world. But the ASA is properly configured.  I understand that your firewalls should be doing the packet filtering, but is this best practices? We do have several tunnels terminating in the ASA
Question by:dissolved
1 Comment

Accepted Solution

yegs2000 earned 2000 total points
ID: 24300028
well, for good measure, if you remotely adminster the device (router), I would recommend maybe filter telnet and traffic destined to the device. Just make sure that it is locked down, so outside intruders cannot get into the router. Make sure all management options are locked down only to you.

Other than that, it should be fine to let the ASA do the rest of the work.


Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

When posting a question about a Cisco ASA, Cisco Router or Cisco Switch, it can aid diagnosis if a suitably sanitised copy of the config is provided. It is much better to leave as much of the configuration as original as possible, as it could be tha…
#Citrix #Netscaler #MSSQL #Load Balance
The video will let you know the exact process to import OST/PST files to the cloud based Office 365 mailboxes. Using Kernel Import PST to Office 365 tool, one can quickly import numerous OST/PST files to Office 365. Besides this, the tool also comes…
Did you know PowerShell can save you time with SaaS platforms? Simply leverage RESTfulAPIs to build your own PowerShell modules. These will kill repetitive tickets and tabs, using the command Invoke-RestMethod. Tune into this webinar to learn how…

587 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question