Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 198
  • Last Modified:

permit everything

hi there

i need help

the network as follow :-   users => switch => cisco asa 5520 8.4(2) => router cisco 2811

1- how can i set public ip to firewall ? if i couldn't what the possible scenario to let users to access internet freely without firewall interrupting ??? and let users from outside to reach a server located inside ??
0
challenger2013
Asked:
challenger2013
2 Solutions
 
Don JohnstonInstructorCommented:
1- how can i set public ip to firewall ?
Remove the router and assign the public IP address to the firewall.
0
 
challenger2013Author Commented:
thanks Don

so if the router get the public ip how can i let the outside users to get into the server inside the firewall is there any way to do that
0
 
Don JohnstonInstructorCommented:
You would have to do port forwarding on the router.

If you don't mind me asking, why use the router at all?
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
Son DoSenior Network EngineerCommented:
I think you should keep current topology. Router is a better choice for routing and NAT.
1. For internet access: Just create a rule on FW to permit inside access outside (any)
2. For user outside located server inside: Create a port forwarding as Don Johnston mentioned.

r0ck
0
 
mikebernhardtCommented:
Keep in mind if you just allow anyone into your network, within days is will not be your network any more. It will be owned by bad guys. Only allow access to specific ports on specific machines, and put those machines in a DMZ LAN on the ASA which has limited access to your inside users.
0
 
challenger2013Author Commented:
thanx for all off you Don Johnston and Son Do and mike

for Don i have to use it ( router ) because the company owned the devices and they want me to use this topology and configure it and really i have no enough and tough knowledge with ASA devices it's the first time to deal with .

Best Regards and again thanx all
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now