Hi,
I'm looking at integrating UTM 9 into my network. My intention is to use it as a L7 firewall with IPS and a reverse proxy so I can present several IoT devices to the Internet. I may use it for VPN too.
Currently, I have:
- Cisco C897VAW router (Integrated ADSL modem)
- ADSL (20Mbps / 7Mbps)
- ESXi hosts 2x with 4 nics each.
- Cisco SG300-28p (Layer 2)
One of the reasons for looking at UTM 9 is the GUI FW, so my intention is to replace ACLs / Zones on the router, therefore, it is my understanding that it would be best to place the UTM between the WAN and LAN, however, these roles both live on the device, namely the router.
I'd like to keep the router doing most of the L3 stuff as I have several VLANs and make use of the switchports, PoE and wireless access point.
My current plan is to buy something like an Intel NUC to run UTM and an ADSL modem. I can then shut down the Dialer interface on the router and hook up the UTM device between the new ADSL modem and the WAN interface on the router.
I've thought about the virtual route, however, I like to be able to shut down the ESXi hosts and with UTM running on them, it would mean I'd have to leave one running all the time.
What is the opinion of my proposed plan? Is there a better way that may allow me to utilise the built-in modem of the router. (Thinking out aloud here.) Maybe there's a way to 'bridge' one of the GigabitEthernet interfaces to the dialer. For example:
Internet --> Dialer --> Bridge --> GigabitEthernet0 --> UTM --> WAN.
(Green = inside the router)
Last time I played around with my UTM, I noticed there was a place to add my ISP settings into UTM. I've been trying to find Cisco config examples of the Dialer config for this senario.
Many thanks
W.
This thread was automatically locked due to age.
