09-28-2001 11:28 AM - edited 02-21-2020 11:26 AM
I was looking to get a 17xx with two additional Ethernet WIC (so 3 10BT ports total) to setup a VPN node and put a mail/web server in a DMZ.
Unfortunately, I found out that they only actually support 1 additional Ethernet WIC and to set up a DMZ I'd need to have a DSL or other WIC interface to the ISP, use the Ethernet WIC for the DMZ and use the built in Ethernet for the Private Lan.
So, can what box should I get for VPN + DMZ -- can a 2600 help me? Can I still use a 1751 and uses VLANs somehow to create the DMZ and Private (v)LANs? Can I get forget about the DMZ and use NAT/PAT to expose private servers? What's the best solution?
Any help or experiences would be appricated.
10-01-2001 11:04 AM
Have you considered using a PIX515 firewall? In your situation, you do not require a seperate router. Otherwise you might want to consider the 2600 router family.
10-02-2001 01:00 PM
Layer seperating the DMZ is always recommended. The 2600 is a good choice. The 2621 and 2651 are good bets and you can add more ethernet and WIC ports if you need them. It's wise to order the IOS firewall feature set and the encryption feature.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide