Firewall when router used as switch

Oct 12, 2018
Hello guys and gals

I ask for some assistance with a firewall router I just got for free.

Currently I have a gateway to a switch; I only need the firewall to work from this new device.

I would like to do this

Gateway DHCP device -> Port 1 on the new firewall -> Port 2 -> Switch

Will the firewall work, or will it only work if I use it like this?

Gateway DHCP device -> WAN 1 on the firewall -> Port 1 -> Switch

I am worried that the firewall won't do anything if I use it without going via the WAN port on the new Cisco firewall.

Any advice would be appreciated

It only has 100 Mbps LAN. Is your internet close to that? Wireless N is fairly outdated now as well.
You will want your faster wifi on the LAN side. Traffic will go through the firewall if it's on the edge or nested down.
If you want traffic to pass through two routers, don't plug anything in the edge one and turn its wifi off.

You can nest them. You make the 2nd one have a different subnet.

Any router is going to block inbound connections. You probably don't need an extra firewall.
I doubt something that old can run any of the services it offers with much throughput. On their site it says VPN throughput is 5 Mbps.
Hard to say without reading the documentation. It depends a lot on if that device is really a firewall or if it is more a home user "firewall".

It needs to run as a layer 2 firewall when it is acting as a it is not going lan-wan or between subnets. This is generally called a "transparent" firewall, but it has other names depending on the vendor. Not all firewalls can do this.

Oct 12, 2018
Thank you both for your input on this.

If it helps make it more clear, the internet is an ADSL modem router which is only connected to a switch which goes to some desktops and an SBS.

Because they cannot control the ADSL ports or anything of this nature, they want to add the Cisco between the ADSL and the switch so when they remote into the server they can control the ports. Also I worry the IT guy won't be able to remote into the server.

I am worried that it would be pointless, as they are not using the WAN port like a 2nd router and configuring it, but they are only using LAN port number 1 as the input and number 2 as the output to the switch, i.e. only the LAN ports.

What you both are advising is: 1, the device is not the newest and could slow the other devices down, and 2, what I am asking entirely depends on the device itself, and that's beyond me.
If it's only being used for LAN, it's not fast. A newer access point would provide much better wifi. You also have to be concerned about security updates on old stuff. Cisco is a very good company, but you should check that it's not EOL.

Many modems are also routers now. It's fine to run a router below another. Just make sure to configure it on another subnet. You can check the IP in one of your devices connected to the modem and see if it's a private 192.168. or 10. or 172.
If this is a Cisco enterprise class box, expect non-trivial configuration required for the simplest of tasks, and hope the couple of members here familiar with Cisco don't lose their patience. It may be free but may end up costing you time and headache and what may be lowered performance due to age. A dumb gigabit switch is dirt-cheap.
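
The nested-router advice in the replies above (put the second router on a different subnet, and check whether the upstream address is private), as an added example that is not part of the original thread. The addresses are constructed sample values and `check_nested` is a hypothetical helper name.

```python
import ipaddress

# RFC 1918 private ranges. Only 172.16.0.0/12 is private, not every 172.x address.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr falls inside one of the three RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def check_nested(outer_lan, inner_wan_ip, inner_lan):
    """Validate a router nested behind another router.

    outer_lan    -- LAN subnet handed out by the edge gateway (e.g. the ADSL router)
    inner_wan_ip -- address the nested firewall gets on its WAN port
    inner_lan    -- LAN subnet planned behind the nested firewall
    Returns (errors, notes): errors must be fixed, notes are informational.
    """
    outer = ipaddress.ip_network(outer_lan, strict=False)
    inner = ipaddress.ip_network(inner_lan, strict=False)
    wan = ipaddress.ip_address(inner_wan_ip)
    errors, notes = [], []
    if wan not in outer:
        errors.append("inner WAN address is not inside the outer LAN")
    elif wan in (outer.network_address, outer.broadcast_address):
        errors.append("inner WAN address is the network or broadcast address")
    if inner.overlaps(outer):
        errors.append("inner LAN overlaps outer LAN: choose a different subnet")
    if not is_rfc1918(str(inner.network_address)):
        errors.append("inner LAN is not RFC 1918 private address space")
    if is_rfc1918(inner_wan_ip):
        notes.append("inner WAN is private: inbound access needs a "
                     "port forward on both routers (double NAT)")
    return errors, notes


if __name__ == "__main__":
    # Constructed sample values: same subnet on both sides, then a corrected plan.
    print(check_nested("192.168.1.0/24", "192.168.1.2", "192.168.1.0/24"))
    print(check_nested("192.168.1.0/24", "192.168.1.2", "192.168.2.0/24"))
```
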
