[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 239
  • Last Modified:

No ACLs in router if firewall is behind it?

We have a remote site with a T1 to the internet.
They have an 1841 router with an ASA behind it.

I noticed the router itself has no ACLs on it to protect it from the outside world. But the ASA is properly configured.  I understand that your firewalls should be doing the packet filtering, but is this best practices? We do have several tunnels terminating in the ASA
0
dissolved
Asked:
dissolved
1 Solution
 
yegs2000Commented:
well, for good measure, if you remotely adminster the device (router), I would recommend maybe filter telnet and traffic destined to the device. Just make sure that it is locked down, so outside intruders cannot get into the router. Make sure all management options are locked down only to you.

Other than that, it should be fine to let the ASA do the rest of the work.

-yegs
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now