Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Cisco ISR Router configuration

Cisco ISR Router configuration 8 years 6 months ago #26305

  • hot_ice
  • hot_ice's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Please help. How do I configure my cisco router and my asa firewall to allow 2 different networks to communicate to each other?

Scenario:

Internet
|
|
ASA5510<---->Router(ISR)<
>Network A
|
|
Network B


Network A
192.168.20.x/24
w/ VLAN enabled


Network B
10.0.0.0/8

My cisco ISR router interface eth0 is directly connected to my ASA’s eth2 interface. While Network B is directly is connected to my ASA firewall’s eth1 interface. Both interfaces have been configured with the same security level (100).

Should I configure RIP next or EIGRP in my ISR router to allow the comunication? Please advice.

Thanks!
The administrator has disabled public write access.

Re: Cisco ISR Router configuration 8 years 6 months ago #26313

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
Is your problem only with the connectivity between Network A and Network B? Do you already have access to the Internet?
The administrator has disabled public write access.

Re: Cisco ISR Router configuration 8 years 6 months ago #26319

  • Elohim
  • Elohim's Avatar
  • Offline
  • Senior Member
  • Posts: 220
  • Karma: 0
Same security levels will never talk to each other. Cisco has a feature that allows same security levels to talk to each other, but you cannot use any ACLs. they appear to be in the same security zone but just on different interface.

Please help. How do I configure my cisco router and my asa firewall to allow 2 different networks to communicate to each other?

Scenario:

Internet
|
|
ASA5510<---->Router(ISR)<
>Network A
|
|
Network B


Network A
192.168.20.x/24
w/ VLAN enabled


Network B
10.0.0.0/8

My cisco ISR router interface eth0 is directly connected to my ASA’s eth2 interface. While Network B is directly is connected to my ASA firewall’s eth1 interface. Both interfaces have been configured with the same security level (100).

Should I configure RIP next or EIGRP in my ISR router to allow the comunication? Please advice.

Thanks!
The administrator has disabled public write access.

Re: Cisco ISR Router configuration 8 years 6 months ago #26327

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
That's what I was thinking...
The administrator has disabled public write access.

Re: Cisco ISR Router configuration 8 years 6 months ago #26357

  • MatthewUHS
  • MatthewUHS's Avatar
  • Offline
  • Frequent Member
  • Posts: 39
  • Karma: 0
Consider this scenario?

inet---wic0 --- fa0/0---ASA---net A
net b--wic1--- fa0/1 --- net A

route and ACL on each interface pairing. This is considering one (net a or b) is over a WAN.

Plus IMHO, if you are using an ISR, why have an ASA if you can enable CBAC on the ISR?
The administrator has disabled public write access.

Re: Cisco ISR Router configuration 8 years 6 months ago #26364

  • Elohim
  • Elohim's Avatar
  • Offline
  • Senior Member
  • Posts: 220
  • Karma: 0
Well if you choose to run just an ISR with some cbac to protect your business assets, that's certainly your choice. For a small enterprise, that could work, but I would not trust any business assets to a router. It takes a lot of work to get a router to provide some false sense of security, but it only takes the power button to get an asa to provide the same sense of false security.

Consider this scenario?

inet---wic0 --- fa0/0---ASA---net A
net b--wic1--- fa0/1 --- net A

route and ACL on each interface pairing. This is considering one (net a or b) is over a WAN.

Plus IMHO, if you are using an ISR, why have an ASA if you can enable CBAC on the ISR?
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.085 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup