Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1536
Views
10
Helpful
5
Replies

Router or ASA Firewall?

Go to solution
MarkSymms88085
Level 1
Level 1

‎10-13-2020 10:53 AM

Hi All,

So this question is for my home network, which at most times will have less than 50 hosts connected (IoT, cellphones, tablets, desktops, etc).  I have a Cisco Catalyst 3750.   I will create 7 different VLANs to segment the network.  My question involves solving my DHCP problem and a firewall.  I have looked at the ASA 5515X and a router with IOS Firewall, but cannot afford both.  I want to be able to, obviously,  assign IP addresses to each separate subnet/VLAN.  The 7th VLAN, however, is for the security cameras and the NVR (Network Video Recorder) system has its own DHCP server, apparently with limited configurability, that supplies ipv4 addresses to each camera. I don't want the main DHCP server to conflict or try to assign IPs to the cameras.  I am assuming that the NVR, once it receives a DHCP request from the camera will not forward to the main DHCP server.  I will assign a static IP, hopefully to the NVR itself.

 

Can I accomplish this with an ASA 5515X?  Will setting up the firewall services on a router (i.e. 2811) throttle the throughput noticeably?  Or am I better off running pfSense?

 

Any help or insight is greatly appreciated..

-mark

Labels:
2 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎10-13-2020 12:37 PM

I think that SW can do DHCP work, where you can config DHCP local for VLAN and make Camera and other connect to DHCP server in specific VLAN.

so router or FW will be far away form dhcp and it concert is only internet and security connect. 

View solution in original post

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎10-13-2020 12:53 PM

Edge side Prefer to have FW, so it protects your network.

3750 can support as DHCP Server for your requirement.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
5 Replies 5

Go to solution
MHM Cisco World
VIP
VIP

‎10-13-2020 12:37 PM

I think that SW can do DHCP work, where you can config DHCP local for VLAN and make Camera and other connect to DHCP server in specific VLAN.

so router or FW will be far away form dhcp and it concert is only internet and security connect. 

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎10-13-2020 12:53 PM

Edge side Prefer to have FW, so it protects your network.

3750 can support as DHCP Server for your requirement.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
MarkSymms88085
Level 1
Level 1

‎10-13-2020 01:28 PM

Thanks for the help BB and MHM!  I will work on that scenario

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to MarkSymms88085

‎10-14-2020 11:34 AM

You Are welcome, if it solve please mention that it SOLVED.
Good Luck...

0 Helpful

Go to solution
Aref Alsouqi
VIP
VIP

‎10-13-2020 10:42 PM

Another option would be to configure DHCP servers on the ASA itself. In that case you can configure the 3750 to act as a layer 2 switch, and trunk a connection to the ASA where you will have all the inter-VLAN security policies applied. You can also ether channel the connection between the switch and the ASA to get more bandwidth if needed.

0 Helpful
Customers Also Viewed These Support Documents