Solved

permit everything

Posted on 2014-09-09
6
178 Views
Last Modified: 2014-09-13
hi there

i need help

the network as follow :-   users => switch => cisco asa 5520 8.4(2) => router cisco 2811

1- how can i set public ip to firewall ? if i couldn't what the possible scenario to let users to access internet freely without firewall interrupting ??? and let users from outside to reach a server located inside ??
0
Comment
Question by:challenger2013
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40313723
1- how can i set public ip to firewall ?
Remove the router and assign the public IP address to the firewall.
0
 

Author Comment

by:challenger2013
ID: 40313840
thanks Don

so if the router get the public ip how can i let the outside users to get into the server inside the firewall is there any way to do that
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 250 total points
ID: 40314120
You would have to do port forwarding on the router.

If you don't mind me asking, why use the router at all?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Expert Comment

by:Son Do
ID: 40315113
I think you should keep current topology. Router is a better choice for routing and NAT.
1. For internet access: Just create a rule on FW to permit inside access outside (any)
2. For user outside located server inside: Create a port forwarding as Don Johnston mentioned.

r0ck
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 250 total points
ID: 40315367
Keep in mind if you just allow anyone into your network, within days is will not be your network any more. It will be owned by bad guys. Only allow access to specific ports on specific machines, and put those machines in a DMZ LAN on the ASA which has limited access to your inside users.
0
 

Author Closing Comment

by:challenger2013
ID: 40321174
thanx for all off you Don Johnston and Son Do and mike

for Don i have to use it ( router ) because the company owned the devices and they want me to use this topology and configure it and really i have no enough and tough knowledge with ASA devices it's the first time to deal with .

Best Regards and again thanx all
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
cradle point vpn to sonicwall 5 77
WAN Site Edge Routers 15 56
Botnet detection help me please 21 115
Palo Alto Networks: View Tunnel packet counts? 2 27
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question