Cisco PIX Firewall...

chrisbyrd

Hi Guys

Seeing as you gave me such great answers to my last non-Windows networking question, I have another... :)

We've recently spent a couple of thousand pounds on a Cisco PIX 525 Firewall.

Has anyone had any experience with hardware firewalls?

As I understand it, they are meant to be transparent to the hosts communicating to and from the network. As long as the firewall is sitting between our network and the outside world, is there anything that needs to be configured on the machines on the network?

For example:

Several Servers > Network Switch > PIX Interface1 > PIX > PIX Interface2 > Our ISP

The servers have the gateway set as the router of the ISP.

Am I right in thinking the two interfaces on the PIX need to be assigned IP addresses on different network ranges, and we employ some sort of routing (ISP will do OSPF) on the PIX itself? Setting the default router on the servers to be that of the PIX interface on the 'inside', so the router is acting almost as a router and a firewall?

We are currently not operating our own BGP router on this particular network.

Please forgive me if that makes absolutely no sense...
Any advice would be much appreciated :confused:
 
Anyone that deals in larger networks knows that there is no good single answer for a network question, especially when you start asking about firewalls and security. Each company (states, countries) has its own policies and rules that it has to follow, so every network is different. Where I work we have 2 (redundant) PIX 535s, and configuring them can get very tricky since we have to follow the network design and policies.

If you have a DMZ, this is something else that needs to be planned out. Is the DMZ going to have some sort of firewall, or is it just going to float between the internet and your LAN? Are you going to be doing NAT/PAT? Where are the translations being made? Firewall, router?

For the most part firewalls are transparent to the user. There is no extra configuration needed when a firewall is in place. If there is, you did something wrong.

My advice is: if you need help configuring a Cisco firewall, then get in contact with your local Cisco rep and request assistance. It will most likely cost the company to have a tech assist, but it is better than spending days on end trying to figure it out yourself, and in the long run it will be cheaper.
 
