Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
296
Views
0
Helpful
1
Replies

Is that a correct architecture

Abdelilah Benrida
Level 1
Level 1

‎12-16-2013 12:49 PM

Hi every one,

In our company we have no cisco router and no firewall,

So we want to put somthing from cisco,and we have no ideas about which we should put first,router or Asa

the attachment shows the architecture we want but i don't know if it is correct and possible with the ASA 5515,

the best solution is to put a router for all wan connexions and the Asa behind it,

but if i put the ASA for all WAN  connexions (see attachment) , will i have a routing problems or it will be easy?

we want to have 2 ADSL and one leased line.if that is not possible we can just put one ADSL and one leased line,is that possible ?

we want also VPN connexions.IPsec.

Labels:
Preview file
7 KB
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎12-16-2013 11:06 PM

In general, you can use both an ASA and also an IOS-router for that. A router will give you a much more flexible solution for traffic-control because the ASA doesn't have real policy based routing. But for incoming traffic all theee lines can be used. Only for outgoing traffic you should pick one of the lines as the default.

If you connect a router to the WAN-circuits, you could also use that router as the firewall. Of course you need the security-featureset on the router for that. With one router and one ASA behind each other you have two single points of failure.


Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents