Solved

permit everything

Posted on 2014-09-09
6
175 Views
Last Modified: 2014-09-13
hi there

i need help

the network as follow :-   users => switch => cisco asa 5520 8.4(2) => router cisco 2811

1- how can i set public ip to firewall ? if i couldn't what the possible scenario to let users to access internet freely without firewall interrupting ??? and let users from outside to reach a server located inside ??
0
Comment
Question by:challenger2013
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40313723
1- how can i set public ip to firewall ?
Remove the router and assign the public IP address to the firewall.
0
 

Author Comment

by:challenger2013
ID: 40313840
thanks Don

so if the router get the public ip how can i let the outside users to get into the server inside the firewall is there any way to do that
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 250 total points
ID: 40314120
You would have to do port forwarding on the router.

If you don't mind me asking, why use the router at all?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Expert Comment

by:Son Do
ID: 40315113
I think you should keep current topology. Router is a better choice for routing and NAT.
1. For internet access: Just create a rule on FW to permit inside access outside (any)
2. For user outside located server inside: Create a port forwarding as Don Johnston mentioned.

r0ck
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 250 total points
ID: 40315367
Keep in mind if you just allow anyone into your network, within days is will not be your network any more. It will be owned by bad guys. Only allow access to specific ports on specific machines, and put those machines in a DMZ LAN on the ASA which has limited access to your inside users.
0
 

Author Closing Comment

by:challenger2013
ID: 40321174
thanx for all off you Don Johnston and Son Do and mike

for Don i have to use it ( router ) because the company owned the devices and they want me to use this topology and configure it and really i have no enough and tough knowledge with ASA devices it's the first time to deal with .

Best Regards and again thanx all
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now