Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
709
Views
0
Helpful
3
Replies

Use Layer 3 Switch to replace service provider Router?

puttybear
Level 1
Level 1

‎11-28-2018 03:13 AM - edited ‎02-21-2020 08:31 AM

Hi!

 

I want to replace my service provider Zyxel router with something more manageable. I have 2960 and 3650 switches I can use as layer 3 switches. My concern is the security when implementing a layer 3 switch over the stock router with integrated firewall.

What should I do regarding ports? I don't want outsiders to access open ports inside my network. What I know I have to do:

 

- NAT

- Access-list

- Routing

- DHCP

 

So my question is what else do I forget when I want to have a secure layer 3 switch as my router? Thanks for the help!

Labels:
0 Helpful
3 Replies 3

Seb Rupik
VIP Alumni
VIP Alumni

‎11-28-2018 03:48 AM

Stop where you are.

The NAT function is not on those switches. You are better off replacing the Zyxel router with a small ISR (880 series) or an ASA.

 

cheers,

Seb.

0 Helpful

puttybear
Level 1
Level 1
In response to Seb Rupik

‎11-28-2018 04:04 AM - edited ‎11-28-2018 04:05 AM

Ohh what.. Thanks for the heads up lol! I was sure NAT worked with layer 3 switches. I can get all the different IOS available from cisco download center If there are any addons to support NAT?

Thanks for the help!

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni
In response to puttybear

‎11-28-2018 04:36 AM

Last time I checked, the only multi-layer switch which did NAT was the 6500.

NAT is certainly not supported on the access-layer switches you mention. You will need to look at introducing an ISR/ ASA to your topology.

 

cheers,

Seb.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top