Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
410
Views
0
Helpful
2
Replies

Cisco 877 adsl router with multiple firewalls installed in parallel with public IP's

arburnssbc
Level 1
Level 1

‎11-08-2014 04:36 AM - edited ‎03-05-2019 12:08 AM

I would like to ask what the best method would be to configure my cisco 877 adsl router to have multiple firewalls installed in parallel behind the cisco 877 router. I have a multiple public IP's and I wish to assign a public ip to the cisco 877 router and each firewall behind the router. Each firewall is from a different vendor and is being used for testing purposes.

ISP Gateway IP >> Cisco 877 Public IP 1 >> FW1 Public IP 2 >> FW1 LAN IP Subnet 1

ISP Gateway IP >> Cisco 877 Public IP 1 >> FW2 Public IP 3 >> FW2 LAN IP Subnet 2

ISP Gateway IP >> Cisco 877 Public IP 1 >> FW3 Public IP 4 >> FW3 LAN IP Subnet 3

Diagram attached

 

My aims are to:

Manage the 877 router from Network 1 only using secure protocols i.e. ssh and https

Nat performed by each firewall

Create a SSL/IPSEC VPN to each firewall for testing.

Many thanks for your help

Adrian

1 person had this problem
Labels:
Preview file
47 KB
0 Helpful
2 Replies 2

John Blakley
VIP Alumni
VIP Alumni

‎11-08-2014 04:55 AM

You can get a block of addresses from the ISP. The WAN address on the router side should be different from your assigned block. You can put your assigned block on the lan side of the router and then your next address in your assigned block on the firewall:

Assigned block: 20.20.20.0/24

 

ISP <1.1.1.1> --- <1.1.1.2>Router<20.20.20.1> ----- <20.20.20.2> FW <LAN address>

 

HTH,

John

HTH, John *** Please rate all useful posts ***
0 Helpful

mmangiante
Level 1
Level 1
In response to John Blakley

‎12-03-2014 02:54 AM

Hello,

 

we have a similar problem. Previously we have a router given from ISP and attached a firewall (snapgear 580) that has a public ip and used to do nat and also to create a vpn connection with our office.

Now we decided to change our ISP (with our public ip set) and we want to buy a router that give us the same possibilities as we have previously, so simply a router where we can attach our firewall that has its public ip address and so we can use it for vpn (vpn is done via snapgear firewall and not via router).

Do you think that the basic Cisco 877 (CISCO877-K9) is good for this? Because it seems that it is discontinued, do you know what is the product that is alternative?

 

--

Regards,

 

Marco Mangiante

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card