Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.
Get the latest news in this issue of the Cisco Small Business Monthly Newsletter

558
Views
0
Helpful
5
Replies
Highlighted
MarkSymms88085
Beginner
Beginner
‎10-13-2020 10:53 AM
‎10-13-2020 10:53 AM

Router or ASA Firewall?

Hi All,

So this question is for my home network, which at most times will have less than 50 hosts connected (IoT, cellphones, tablets, desktops, etc).  I have a Cisco Catalyst 3750.   I will create 7 different VLANs to segment the network.  My question involves solving my DHCP problem and a firewall.  I have looked at the ASA 5515X and a router with IOS Firewall, but cannot afford both.  I want to be able to, obviously,  assign IP addresses to each separate subnet/VLAN.  The 7th VLAN, however, is for the security cameras and the NVR (Network Video Recorder) system has its own DHCP server, apparently with limited configurability, that supplies ipv4 addresses to each camera. I don't want the main DHCP server to conflict or try to assign IPs to the cameras.  I am assuming that the NVR, once it receives a DHCP request from the camera will not forward to the main DHCP server.  I will assign a static IP, hopefully to the NVR itself.

 

Can I accomplish this with an ASA 5515X?  Will setting up the firewall services on a router (i.e. 2811) throttle the throughput noticeably?  Or am I better off running pfSense?

 

Any help or insight is greatly appreciated..

-mark

Labels:
0 Helpful
Reply
2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
MHM Cisco World
Rising star
Rising star
‎10-13-2020 12:37 PM
‎10-13-2020 12:37 PM

I think that SW can do DHCP work, where you can config DHCP local for VLAN and make Camera and other connect to DHCP server in specific VLAN.

so router or FW will be far away form dhcp and it concert is only internet and security connect. 

View solution in original post

0 Helpful
Reply
Highlighted
balaji.bandi
VIP Expert VIP Expert
VIP Expert
‎10-13-2020 12:53 PM
‎10-13-2020 12:53 PM

Edge side Prefer to have FW, so it protects your network.

3750 can support as DHCP Server for your requirement.

 



BB


*** Rate All Helpful Responses ***

View solution in original post

0 Helpful
Reply
5 REPLIES 5
Highlighted
MHM Cisco World
Rising star
Rising star
‎10-13-2020 12:37 PM
‎10-13-2020 12:37 PM

I think that SW can do DHCP work, where you can config DHCP local for VLAN and make Camera and other connect to DHCP server in specific VLAN.

so router or FW will be far away form dhcp and it concert is only internet and security connect. 

View solution in original post

0 Helpful
Reply
Highlighted
balaji.bandi
VIP Expert VIP Expert
VIP Expert
‎10-13-2020 12:53 PM
‎10-13-2020 12:53 PM

Edge side Prefer to have FW, so it protects your network.

3750 can support as DHCP Server for your requirement.

 



BB


*** Rate All Helpful Responses ***

View solution in original post

0 Helpful
Reply
Highlighted
MarkSymms88085
Beginner
Beginner
‎10-13-2020 01:28 PM
‎10-13-2020 01:28 PM

Thanks for the help BB and MHM!  I will work on that scenario

0 Helpful
Reply
Highlighted
MHM Cisco World
Rising star
Rising star
In response to MarkSymms88085
‎10-14-2020 11:34 AM
‎10-14-2020 11:34 AM

You Are welcome, if it solve please mention that it SOLVED.
Good Luck...

0 Helpful
Reply
Highlighted
Aref Alsouqi
VIP Rising star VIP Rising star
VIP Rising star
‎10-13-2020 10:42 PM
‎10-13-2020 10:42 PM

Another option would be to configure DHCP servers on the ASA itself. In that case you can configure the 3750 to act as a layer 2 switch, and trunk a connection to the ASA where you will have all the inter-VLAN security policies applied. You can also ether channel the connection between the switch and the ASA to get more bandwidth if needed.

0 Helpful
Reply
Latest Contents
Special offer - Cisco Designed Secure Remote Work
Created by Kelli Glass on 02-18-2021 10:22 AM
0
0
0
0
Cisco Designed Secure Remote Work helps you work more productively and securely whatever your location. Worry less and work smarter with enterprise-grade, cloud-based collaboration and security together in one package that's easy to purchase, deploy,... view more
Small business resilience and recovery roundtable
Created by Kelli Glass on 01-28-2021 02:24 PM
0
0
0
0
On Tuesday, February 2nd, you can join a great discussion with an industry analyst, Will Townsend, our partner- Port53,  and our customer -Cheetah Technologies. We’re helping small businesses assess where they are on their digital journey and wh... view more
Let's talk about small business resilience and recovery
Created by Kelli Glass on 01-28-2021 02:18 PM
0
0
0
0
On Tuesday, February 2nd, you can join a great discussion with an industry analyst, Will Townsend, our partner- Port53,  and our customer -Cheetah Technologies. We’re helping small businesses assess where they are on their digital journey and where t... view more
#CiscoChat Live: Small businesses deserve big security prote...
Created by Kelli Glass on 01-19-2021 05:22 PM
0
0
0
0
Join us live on Thursday, January 21 at 10 am PT (and on demand after) as Kate MacLean, head of product marketing for Cisco Umbrella, moderates a discussion about cybersecurity for small businesses. We’ll talk about the specific cyberthreats facing s... view more
#CiscoChat Live: Small businesses deserve big security prote...
Created by Kelli Glass on 01-19-2021 05:19 PM
2
0
2
0
Join us live on Thursday, January 21 at 10 am PT (and on demand after) as Kate MacLean, head of product marketing for Cisco Umbrella, moderates a discussion about cybersecurity for small businesses. We’ll talk about the specific cyberthreats facing s... view more
This widget could not be displayed.