This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Replacing Cisco ASA with SG125W

Replacing a cisco asa 5505 with the SG125. The cisco currently is setup as the default gateway for all internal computers/servers. Would I be able to do that with the SG125 as well? if so, is there a special routing that has to be setup to do that?



This thread was automatically locked due to age.
  • If you don’t hide other information, then it should be no problem to do that. You just have to configure the so called network protection.

    You could get an iso to setup a VM and get a feeling for the UI.

    Best

    Alex

    -

  • Thanks for the response but I am confused by what you mean by "hide other information". I currently have the Cisco ASA in place at the remote location which is setup as an IPsec VPN back to main. At the main I have a UTM 220 and this new SG125 that I will configure as much as possible before sending it down to them to replace the ASA. When I went through the Cisco ASA configuration I found out that the LAN interface is the default gateway for their entire network. Because of that, I will have to configure this SG as the same so as not to cause issues. I just wasn't sure if the SG could act as the default gateway like the ASA does currently.

  • Hello,

    maybe that was a little misleading. I meant, that possibly other tasks, which the ASA takes over could be still present.
    The default gateway can replace the UTM/SG. So this could be done by relatively any firewall/router. Which tasks does the ASA have as standard gateway in your case? I suppose some routes? Internet access?

    Best
    Alex

    -

  • So in theory, the assigned LAN interface on the UTM would have the same address as the current ASA (once the ASA is unplugged of course). By doing that the UTM will be the default gateway for all systems. The static (inside,outside) on the ASA points to the router of course and I would set the default GW on my external WAN to point to the same on the UTM.

  • So, I would say that is a yes. You can replace that ASA by an SG125W.

    Best regards

    Alex

    -

  • UTM and ASA have very diffetent architectures.   Read the Wiki articles before proceeding, to ensure that you do not create security holes based on ignorance or false assumptions.