Solved

permit everything

Posted on 2014-09-09
6
185 Views
Last Modified: 2014-09-13
hi there

i need help

the network as follow :-   users => switch => cisco asa 5520 8.4(2) => router cisco 2811

1- how can i set public ip to firewall ? if i couldn't what the possible scenario to let users to access internet freely without firewall interrupting ??? and let users from outside to reach a server located inside ??
0
Comment
Question by:challenger2013
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40313723
1- how can i set public ip to firewall ?
Remove the router and assign the public IP address to the firewall.
0
 

Author Comment

by:challenger2013
ID: 40313840
thanks Don

so if the router get the public ip how can i let the outside users to get into the server inside the firewall is there any way to do that
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 250 total points
ID: 40314120
You would have to do port forwarding on the router.

If you don't mind me asking, why use the router at all?
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 

Expert Comment

by:Son Do
ID: 40315113
I think you should keep current topology. Router is a better choice for routing and NAT.
1. For internet access: Just create a rule on FW to permit inside access outside (any)
2. For user outside located server inside: Create a port forwarding as Don Johnston mentioned.

r0ck
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 250 total points
ID: 40315367
Keep in mind if you just allow anyone into your network, within days is will not be your network any more. It will be owned by bad guys. Only allow access to specific ports on specific machines, and put those machines in a DMZ LAN on the ASA which has limited access to your inside users.
0
 

Author Closing Comment

by:challenger2013
ID: 40321174
thanx for all off you Don Johnston and Son Do and mike

for Don i have to use it ( router ) because the company owned the devices and they want me to use this topology and configure it and really i have no enough and tough knowledge with ASA devices it's the first time to deal with .

Best Regards and again thanx all
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question