Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
295
Views
0
Helpful
1
Replies

external security

primavat
Level 1
Level 1

‎10-24-2003 03:07 PM - edited ‎03-09-2019 05:17 AM

i have a cisco 2610 with 12.0(8) that routes a class c address space from an ISP. There's also a Cat 5000 on the external network. The internal networks are firewalled by sonicwall SOHO2 and SOHO3 and PIX 506 firewalls.

The company has been using telnet to access the 2610 from the Internet. There are no access lists on the router, and AA.

How important is it to use acls to filter traffic inbound on the external router interface? I was thinking of filtering the class c, private ips, and a number of protocols including icmp.

I was considering using ssh to access the 2610 and the Cat 5000, but only from a host inside one of the firewalls. How secure is that solution?

Is it possible to use a PIX 506 or Sonicwall as an ssh host instead of passing through the firewall?

Labels:
0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎10-24-2003 03:44 PM

Hi,

Securing your perimter router is very important. If e.g. a DOS happens on your router, all of its processing will be consumed up.

SSH is the best way to access the router. No You can't use PIX (atleast) as SSH client.

Here is a link for further reference.

http://www.cisco.com/warp/public/707/21.html

Thanks

Nadeem

0 Helpful
Customers Also Viewed These Support Documents