Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1582
Views
5
Helpful
16
Replies

Configure Cisco 2801 behind firewall

2cooltek1
Level 1
Level 1

‎01-14-2016 07:18 AM - edited ‎03-05-2019 03:07 AM

A customer of mine recently purchased a cisco 2801 phone system from a vendor. They have three locations and a 2801 at each, all tied together with a VPN between them in order to transfer calls from one location to another.

The vendor setup the devices in each location with the 2801 as the direct connection to the internet on 0/1  and the internal IP address on 0/0.

While this works fine for what they were trying to accomplish, it would be ideal to put the systems behind a firewall so that they can use things such as using NAT for remoting into a server from one of their other public static IP addresses through a firewall.

Question is... first,is this possible and/or supported,  and two, would the current external facing port 0/1  use an internal IP address to face the firewall, and if so, the same range as the internal IP's?

I can post a config if someone wishes to view and advise.

Thank you.

Labels:
0 Helpful
16 Replies 16

2cooltek1
Level 1
Level 1
In response to Masoud Pourshabanian

‎03-04-2016 08:32 AM

Masoud,

Sorry for the late reply.

I just wanted to thank you for helping with this and with the information you provided was able to work with the vendor and offer suggestions from you to help them get this completed. Everything is working as planned.

Again, thank you for taking time to answer my questions, it was definitely a big help!

0 Helpful

Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to 2cooltek1

‎01-18-2016 05:52 AM

Hello,

As I said before and Richard nicely explained, installing firewall behind the router gives more flexibility and simplicity in configuration. 

First, you can configure firewall transparent. It means you do not to change any ip addresses and it supports almost most of the firewall features.

VPN will terminate on router so firewall can see encrypted traffic and inspect it more carefully.

NAT and other part of routing configuration will be done on router( or both) which is easier.

implementation of ACL on Router can limit the traffic reaching to firewall, which causes firewall receive less traffic and just focus on other security aspects such as IPS and AV.

Hope it helps,

Masoud

0 Helpful
Customers Also Viewed These Support Documents