From: Stefan Grey (examplebrain@hotmail.com)
Date: Tue Mar 28 2006 - 13:55:39 GMT-3
Hello guys.
Task.
Receive from the ISP internet link, vpn link, maybe some other. Then provide
the perimeter security.
1. Idea 1. Just to put ASA/PIX on the perimeter and than connect it to the
local switch.
1. My senior presales engenier told me that it is a bad solution. And he
didn't saw such a design before. He tells that always is done so: the router
on the perimeter and than the router itself is connected with the firewall
or ASA. He told that the router is needed to configure the shaping and to
avoid some headaches.
Could you please explain why 1st design is bad. Why shaping is so necessary
on the perimeter router. Why this router is needed and which bad things
could I receive if I build design 1. (with just one ASA or PIX).
Any help highly appreciated.
This archive was generated by hypermail 2.1.4 : Sat Apr 01 2006 - 10:07:40 GMT-3