Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1579
Views
10
Helpful
7
Replies

Need Best practice guide for Putting Firewall or Router on Edge?

Learnercisco
Level 1
Level 1

‎09-09-2019 12:17 AM

Hi Teck Guys.

 

Please share a cisco validate design for putting FPS 2130 or Router ASR1K on edge. i have attached my block diagram. suggest the validate design. Thanks All. 

 

 

Labels:
LAN-WAN-new-design.jpg
Preview file
80 KB
0 Helpful
7 Replies 7

balaji.bandi
Hall of Fame
Hall of Fame

‎09-09-2019 12:28 AM

A best possible way is :

 

Access Switch ( where users connect) --- Core ----FW---ASR----Internet

 

A couple of questions :

1.  what is mean by Access switch - where the users PC or device connected, in this case above is bet example.

2. or if that is WAN Aggregation switch to connect, then your design should be ok.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Learnercisco
Level 1
Level 1
In response to balaji.bandi

‎09-09-2019 12:37 AM

 

Thanks BB for your Valueable reply,

 

My design is related to the following:

Access---Distributiion----Core----FW----WANaggregSwitch----ASR1K- Internet. 

I suppose your  reply  is related the above design. Please Confirm. 

 

2.  if that is WAN Aggregation switch to connect, then your design should be ok.

 

 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Learnercisco

‎09-09-2019 12:41 AM

Access---Distribution----Core----FW----WANaggregSwitch----ASR1K- Internet

 

This make sense.

 

But  WANaggregSwitch - this switch only connect to internet or your satellite sites or Branch office?

 

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Learnercisco
Level 1
Level 1
In response to balaji.bandi

‎09-09-2019 12:50 AM

Hi BB,

 

Thanks for reply,

 

we could use this WAN Agg Switch between Firewall and Router for Internet traffic.we have 3 remote branches in campus network, shall directly connect to ISR1K via Fiber Optic Link or we can connect to WAN Aggregate Switch.  i prefer to connect to ASR1K for Routing in one place on upstream. Thanks 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to Learnercisco

‎09-09-2019 03:33 AM

If the branch office point to point to link

 

i prefer to take inside the network, but if you do not have any other device dedicated to WAN Aggregation inside network.

 

I will use ASR and make necessary FW rules for the device to access internal resources.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni

‎09-09-2019 12:41 AM

Hi there,

You may want to take a look at the CVD guide for the internet edge:

 

https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Oct2015/Internet_Edge_Design_Oct2015.pdf

 

cheers,

Seb.

0 Helpful

Learnercisco
Level 1
Level 1
In response to Seb Rupik

‎09-09-2019 12:55 AM

Thanks SR for the valueable reply. 

0 Helpful
Review Cisco Networking for a $25 gift card
Top