
IPsec through Firewall

Fida jlassi
Level 1

Hi all,

We have a central room which collects data from remote sites via a VSAT link. A GRE tunnel is created at each site and encrypted with the IPsec standard.

A Cisco 2800 series router is installed and configured at each site.

My question is: do we need a firewall in addition to the IPsec encryption? If yes, should we use the IOS router firewall (software solution) or should we implement a new hardware firewall?

There is something else: the VSAT link is redundant to leased line links which pass through the same Cisco routers. Is it possible to use a firewall with the leased line link? Should we use a firewall to enhance the security?

 

Regards, 

2 Replies

Fida jlassi
Level 1

It's an urgent matter; could you please help with this?

That would really depend on your requirements. For instance, do you have to comply with some regulatory body that demands a stateful firewall, IPS, malware inspection, segregation, etc.? If not, then you can definitely add the zone-based FW functionality on your router. If this is your perimeter device (directly exposed to the internet), then you should also look into hardening the device by turning off features that you don't need/use and applying standard ACLs to block things such as RFC1918 addresses from ingressing from the internet to your network or vice versa.

I hope this helps!

 

Thank you for rating helpful posts!
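
The ingress filtering and hardening described in the reply above, as an added example that is not part of the original thread: an IOS configuration for an internet-facing interface on a router that terminates a GRE-over-IPsec tunnel. It uses an extended ACL so the IPsec permits can be expressed; the interface name, the ACL name and all addresses (documentation ranges) are assumptions.

```cisco
! Added example, not from the thread. Interface, ACL name and addresses
! are assumptions: 203.0.113.10 = this router's outside address,
! 198.51.100.1 = central-site IPsec peer (both constructed).
!
! Assumption: the interface ACL sees only the encrypted packet. If your
! IOS release also applies it to the decrypted GRE packet, a GRE permit
! between the tunnel endpoints is needed as well.
!
ip access-list extended OUTSIDE-IN
 remark Drop RFC1918 sources arriving from the internet
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip 172.16.0.0 0.15.255.255 any
 deny   ip 192.168.0.0 0.0.255.255 any
 remark Allow IKE, NAT-T and ESP from the known peer only
 permit udp host 198.51.100.1 host 203.0.113.10 eq isakmp
 permit udp host 198.51.100.1 host 203.0.113.10 eq non500-isakmp
 permit esp host 198.51.100.1 host 203.0.113.10
 remark Drop and log everything else
 deny   ip any any log
!
interface FastEthernet0/0
 description Internet-facing (assumed interface name)
 ip access-group OUTSIDE-IN in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
! Turn off services that are not needed on a perimeter router
no ip http server
no ip source-route
no ip bootp server
no service tcp-small-servers
no service udp-small-servers
```

If the VSAT or leased-line transport itself uses private addressing, the RFC1918 deny entries have to be adjusted for that link, since they assume a public, internet-facing interface.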
