cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1787
Views
0
Helpful
0
Replies

Firewall with IPSEC and GRE best practice

joel charest
Level 1
Level 1

Hi experts,

I would like any suggestions on this topology. We are is the middle of replacing our old ASA5520 with the new FirePower. Our current firewall terminate our IPsec tunnels and the GRE is terminated on the first inside router's loopback on the secure side of the firewall. Our consultant is proposing to have a router on the side DMZ with the sole function to terminate the GRE so that the firewall can inspect the data. I'm no expert in firewall but I'm thinking that there has to be a better way. Can we terminate the IPsec and the GRE in the firewall so the data can be inspected? Or is a router facing the internet in front of the firewall in the only solution? Thank you!

imageedit_1_2975904189.jpg

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: