INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Cisco 1700 Series and Third Party Firewall

Cisco 1700 Series and Third Party Firewall

(OP)
I'd like to know if I can use a third party, non ASA firewall to use for a Cisco 1760. We have a couple desktops a Windows and an OSX server that could be used for a firewall. How can I configure the 1760 to integrate to the firewall for WAN access. I know upgrading to a 1900 or 2800 series would be the easiest to support Ethernet WAN, etc, but I am stuck with this router to do that.

RE: Cisco 1700 Series and Third Party Firewall

How are you currently setup?

RE: Cisco 1700 Series and Third Party Firewall

(OP)
Right now, intranet LAN and IPT (Cisco CME) is running on the Cisco, and another DDWRT is running some LANs and it gives WAN/Internet access. These are two separate networks. The LAN runs on 192.168.1.1/255.255.255.0 and the other network is on 192.168.2.0/255.255.255.0

This current network was setup to be highly isolated to the Internet; leaving a few machines exposed to the outside world, such as application servers, terminal servers, desktops, etc. We would like to somehow integrate the two by continuing to have strong protection, also allowing the Cisco phones to allow the PC side jacks to be also tied to the WAN (you know for web/email/etc) so one drop for a desk, kinda thing.

RE: Cisco 1700 Series and Third Party Firewall

(OP)
...And trying to do this with what we have , if possible.

RE: Cisco 1700 Series and Third Party Firewall

Get your existing FW config off the old FW and do an audit of:
- IP addresses
- FW rules, ie, access lists
- NAT rules
and anything else that relates to its layer3 functions.

Then, build your new config on your new FW. Something nice and cheap like a Fortinet is easy to use and very functional. Or a Juniper SRX - those are seriously cool. In fact there aren't many firewalls that are as overpriced and difficult to configure as CIsco ones.

RE: Cisco 1700 Series and Third Party Firewall

(OP)
Seriously,

I clearly asked if there was a possibility I can use a PC as a firewall with my existing network, a NT 5.1 or a Mac OS X Server, is it possible?

We have a tight budget, and we are on a spending freeze, so if I cannot do it with the options, then just tell me in my face than playing politics and sell me something we can't afford, even if its "cheap"

Thanks

RE: Cisco 1700 Series and Third Party Firewall

AvayaRedDude, NO ONE is playing politics. There is no need to insult people here. He gave you the answer based upon your question. You said non Cisco, yes? You also did NOT say you must use PC or OSX.
If you insist, you could intsll Linux and run iptables but this requires at least some expertise in how firewalls work and what they should / should not do. Be advised this is far from ideal solution for network security setup. But it's your network after all.

RE: Cisco 1700 Series and Third Party Firewall

You asked for a "third party, non ASA firewall".
I proposed Fortinet. It is non-cisco, therefore very easy to use and cheap.
I prefer the Juniper which are also very cheap, although there would be more configuration required.
 
Building your own firewall on a Linux platform, as suggested, would require significant time investment, and carry risks that an out-of-the-box solution wouldn't.
Anything is possible, but some choices are bad choices and carry costs that go beyond a simple matter of prices.
 
It all depends on how you price your time and rate your expertise. Based on what I see here, it seems likely that a Fortinet would be a good fit.

RE: Cisco 1700 Series and Third Party Firewall

(OP)
I could've thought I could use a NAT firewall ability in Windows NT 5.2 or OS X Server to alleviate this.

I think ASA is a better option, since we got the routing, the switching and UC/IPT setup... Will save up the money once the freeze expires.

I tell you I am no genius (as with most people) but boy is the Internet a pretty flawed protocol compared to other networks like telephony... Leaving it at that.

Sincerely appreciate the help.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close