topic Re: firewall and network segment question in Network Security https://community.cisco.com/t5/network-security/firewall-and-network-segment-question/m-p/1450253#M640572 <HTML><HEAD></HEAD><BODY><P>OK, base on your diagram, it would be best to just have 1 firewall since you do not have a router/L3 switch in your internal network that can do the routing to 2 firewalls.</P><P></P><P>I believe your preference would be to route everything towards the VPN/ADSL connection?</P><P></P><P>If you would like to route traffic towards 2 firewalls, ie: one for internet connection and the other for vpn traffic, then you would need to have a router/L3 switch to route the traffic accordingly as follows:</P><P>- Traffic towards the internet would have default route/default gateway configured towards the first firewall (for internet connectivity).</P><P>- Traffic towards the VPN would have specific routes (remote/HQ LAN subnets) configured to point towards the second firewall (for vpn connectivity).</P><P></P><P>Hope that helps.</P></BODY></HTML> Thu, 01 Jul 2010 23:50:41 GMT Jennifer Halim 2010-07-01T23:50:41Z firewall and network segment question https://community.cisco.com/t5/network-security/firewall-and-network-segment-question/m-p/1450252#M640522 <P>hi! based on the diagram i attached. In the internal network can i configure everything to be in the on segment and one vlan? I just want to have a simple setup in the branch office, that enable internet traffic to go through the optical link and corporate resources access to go through the adsl vpn. or if possible internet access to go through the adsl/vpn link as well.</P><P></P><P>In this case i'm thinking of disabling vlan 1 and configure only one vlan for the entire LAN (flat network).</P><P></P><P>Is that possible with 2 firewalls connection and based on my requirements above?</P><P></P><P></P><P>thx</P> Mon, 11 Mar 2019 18:06:22 GMT https://community.cisco.com/t5/network-security/firewall-and-network-segment-question/m-p/1450252#M640522 dlee_gmail 2019-03-11T18:06:22Z Re: firewall and network segment question https://community.cisco.com/t5/network-security/firewall-and-network-segment-question/m-p/1450253#M640572 <HTML><HEAD></HEAD><BODY><P>OK, base on your diagram, it would be best to just have 1 firewall since you do not have a router/L3 switch in your internal network that can do the routing to 2 firewalls.</P><P></P><P>I believe your preference would be to route everything towards the VPN/ADSL connection?</P><P></P><P>If you would like to route traffic towards 2 firewalls, ie: one for internet connection and the other for vpn traffic, then you would need to have a router/L3 switch to route the traffic accordingly as follows:</P><P>- Traffic towards the internet would have default route/default gateway configured towards the first firewall (for internet connectivity).</P><P>- Traffic towards the VPN would have specific routes (remote/HQ LAN subnets) configured to point towards the second firewall (for vpn connectivity).</P><P></P><P>Hope that helps.</P></BODY></HTML> Thu, 01 Jul 2010 23:50:41 GMT https://community.cisco.com/t5/network-security/firewall-and-network-segment-question/m-p/1450253#M640572 Jennifer Halim 2010-07-01T23:50:41Z