Solved

No ACLs in router if firewall is behind it?

Posted on 2009-05-04
1
233 Views
Last Modified: 2012-05-06
We have a remote site with a T1 to the internet.
They have an 1841 router with an ASA behind it.

I noticed the router itself has no ACLs on it to protect it from the outside world. But the ASA is properly configured.  I understand that your firewalls should be doing the packet filtering, but is this best practices? We do have several tunnels terminating in the ASA
0
Comment
Question by:dissolved
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 3

Accepted Solution

by:
yegs2000 earned 500 total points
ID: 24300028
well, for good measure, if you remotely adminster the device (router), I would recommend maybe filter telnet and traffic destined to the device. Just make sure that it is locked down, so outside intruders cannot get into the router. Make sure all management options are locked down only to you.

Other than that, it should be fine to let the ASA do the rest of the work.

-yegs
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question