cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1114
Views
14
Helpful
5
Replies

How to prepare my modem router for use with Cisco FirePower 1010?

makwm
Level 1
Level 1

Hi, I live in Australia and my broadband ISP is TPG.  TPG provided me a TP-Link Archer VR1600v Modem Router with built-in WiFi.  

I intend to purchase the Cisco FirePower 1010 to secure my home network. However, before I buy the device, I want to find out if I can connect the TP-Link Archer VR1600v Modem Router (as is it without any modification) directly to the Cisco FirePower 1010 and start the firewall service.

I read some article on the internet that user may need to convert their Modem Router into Bridge Mode before it can be connected to a firewall device. And it appears that there is no built-in option to covert the TP-Link Archer VR1600v Modem Router into Bridge Mode.

Please advise.  Thanks!

5 Replies 5

if bridge mode is not available, you can connect TP-Link router directly to firepower device and configure default route towards TP-Link router. then for LAN network, you can use new network range and create firewall policies as you want.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

@makwm you don't necessarily need to put your router into bridge mode. You can just plug in the FPR1010 to the router, get a DHCP address on the outside interface. You then NAT the internal networks to the outside interface of the FPR1010, the router will see traffic from this IP address.

in addition to @Kasun Bandara and @rob posts
for most traffic is is not necessary to put your modem in bridge mode,
but then 
- your provider modem performs NAT
- your FPR performs NAT (in default/standard setup)
as result NAT is performed twice between endpoint and public network
some applications may experience problems because of double NAT (VOIP)
and port forwarding (NAT)  from the outside to a local device is a little more complex to configure, 
but you can get this working

You should have some configuration possibility on the TP-Link router.  So I would set the DHCP scope to be something smaller than a full /24 subnet then configure the FPR1010 outside interface with a static IP that is not within the newly defined scope.  Let all NAT happen on the TP-Link router but also disable the WiFi on the router as this will bypass the firewall and then it would be pointless to have a Cisco FPR1010.

Next configure routing and access rules on the FPR1010 and you should be good to go.  Depending on how you are setting up your network, you might need to configure DHCP helper on the FPR1010 so that devices behind the firewall  can get IP addresses.  Again, this all depends on what equipment you have and how you intend to set it up.

--
Please remember to select a correct answer and rate helpful posts

waqaswilan2026
Level 1
Level 1

To prepare your modem router for use with Cisco FirePower 1010, you'll want to ensure seamless connectivity and security integration. Here's a step-by-step guide:

1. **Review Documentation**: Familiarize yourself with the manuals and setup guides provided by both your modem router manufacturer and Cisco for the FirePower 1010. Understanding the specifications and requirements is crucial.

2. **Connectivity Check**: Ensure your modem router is properly connected to your internet service provider (ISP) and is functioning correctly. Test your internet connection to confirm stability.

3. **Port Forwarding**: Access your modem router's configuration settings and set up port forwarding for the necessary ports used by the Cisco FirePower 1010. This allows external traffic to reach the FirePower device.

4. **Static IP Address**: Assign a static IP address to the FirePower 1010 within your local network. This ensures consistency in connectivity and simplifies configuration.

5. **Security Settings**: Review and adjust your modem router's security settings to accommodate the requirements of the Cisco FirePower 1010. This might include enabling or disabling specific firewall rules or intrusion prevention settings.

6. **VPN Configuration**: If you're planning to establish a VPN connection through the FirePower device, configure any VPN passthrough or VPN termination settings on your modem router accordingly.

7. **Testing**: After making configuration changes, perform thorough testing to ensure that the modem router allows traffic to pass through to the FirePower 1010 without hindrance. Test both inbound and outbound connectivity.

8. **Monitoring and Maintenance**: Regularly monitor the performance of your modem router and FirePower 1010. Be prepared to adjust settings as needed, especially if you encounter any connectivity issues or security concerns.

By following these steps, you can effectively prepare your modem router for seamless integration with the Cisco FirePower 1010, ensuring reliable connectivity and robust security measures. And remember, if you need financial support for your Cisco FirePower 1010 purchase, exploring Centrelink car loans might be a viable option to consider.

Review Cisco Networking for a $25 gift card