?
Solved

permit everything

Posted on 2014-09-09
6
Medium Priority
?
186 Views
Last Modified: 2014-09-13
hi there

i need help

the network as follow :-   users => switch => cisco asa 5520 8.4(2) => router cisco 2811

1- how can i set public ip to firewall ? if i couldn't what the possible scenario to let users to access internet freely without firewall interrupting ??? and let users from outside to reach a server located inside ??
0
Comment
Question by:challenger2013
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40313723
1- how can i set public ip to firewall ?
Remove the router and assign the public IP address to the firewall.
0
 

Author Comment

by:challenger2013
ID: 40313840
thanks Don

so if the router get the public ip how can i let the outside users to get into the server inside the firewall is there any way to do that
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 750 total points
ID: 40314120
You would have to do port forwarding on the router.

If you don't mind me asking, why use the router at all?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:Son Do
ID: 40315113
I think you should keep current topology. Router is a better choice for routing and NAT.
1. For internet access: Just create a rule on FW to permit inside access outside (any)
2. For user outside located server inside: Create a port forwarding as Don Johnston mentioned.

r0ck
0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 750 total points
ID: 40315367
Keep in mind if you just allow anyone into your network, within days is will not be your network any more. It will be owned by bad guys. Only allow access to specific ports on specific machines, and put those machines in a DMZ LAN on the ASA which has limited access to your inside users.
0
 

Author Closing Comment

by:challenger2013
ID: 40321174
thanx for all off you Don Johnston and Son Do and mike

for Don i have to use it ( router ) because the company owned the devices and they want me to use this topology and configure it and really i have no enough and tough knowledge with ASA devices it's the first time to deal with .

Best Regards and again thanx all
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month14 days, 13 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question