08-29-2017 09:51 PM - edited 02-21-2020 06:15 AM
Hi.
I would like to request some help with the following case I have.
I need to route all the Internet traffic to the Router 1.
In the Firewall 2 I created the following route
route 0.0.0.0 0.0.0.0 10.154.242.9 1
After that I dont know what else do I need to do the route the traffic.
Please advise.
Attched you will find a diagram
Solved! Go to Solution.
08-30-2017 12:59 AM
Hi there,
According to your diagram, you need to change the route statement to send all internet bound Firewall2 traffic to the WAN Switch VLAN200 SVI :
! ip route 0.0.0.0 0.0.0.0 10.154.242.8 1 !
cheers,
Seb.
08-30-2017 12:59 AM
Hi there,
According to your diagram, you need to change the route statement to send all internet bound Firewall2 traffic to the WAN Switch VLAN200 SVI :
! ip route 0.0.0.0 0.0.0.0 10.154.242.8 1 !
cheers,
Seb.
08-30-2017 07:57 AM - edited 08-30-2017 08:05 AM
it was my mistake the correctone is the 10.154.242.9 but my concern is what do I route the internet traffic tthru Router 1
08-30-2017 09:05 AM - edited 08-30-2017 09:06 AM
If the routing for the point-to-point segments are correct, then it is probably a case of the subnets connected to Firewall2 not being known by Router1, causing the return traffic to be dropped.
Have you configured a dynamic routing protocol to advetise the subnets from Firewall2 to Router1 via the WAN switch and Firewall1?
cheers,
Seb.
08-30-2017 09:36 AM
I cannot use dynamic only static. But I dont know how to do it
Thanks
08-30-2017 12:57 PM
It is a shame you aren't using a contiguous address block behind Firewall2 which would have enabled us to use a summary route, instead of two static route entries.
I have assumed your firewall interface names are outside and inside. Please change these to suit.
At each point in the network where routing occurs you need to ensure the device knows which IP address to forward packets towards.
The static routes you'll need are:
Router1 :: ! ip route 10.154.2.0 0.0.0.255 10.154.240.17 ip route 10.1.250.0 0.0.0.255 10.154.240.17 ! Firewall1 :: ! ip route outside 0.0.0.0 0.0.0.0 10.154.240.21 ip route inside 10.154.2.0 255.255.255.0 10.154.0.83 ip route inside 10.1.250.0 255.255.255.0 10.154.0.83 ! WAN Switch :: ! ip route 0.0.0.0 0.0.0.0 10.154.0.81 ip route 10.154.2.0 0.0.0.255 10.154.242.12 ip route 10.1.250.0 0.0.0.255 10.154.242.12 ! Firewall2 :: ! ip route outside 0.0.0.0 0.0.0.0 10.154.242.8 !
cheers,
Seb.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide