Showing results for 
Search instead for 
Did you mean: 

Route between Router and Firewall

Level 1
Level 1

Hi. i have a problem with route packets between firewall and cisco router. Yes i know tat is global ip, i can't use it and all ip adress is just example.

I have a PC, ESXi server, and a Cisco router, all connected to an unmanaged switch. DHCP, a VPN between my VPN server, and NAT is configured on the Cisco router. I have a global IP address on my WAN interface and the IP address on my LAN interface on the Cisco router. is IP address of internet provider.

In the ESXi server, I have a pfSense firewall running in a virtual machine with an IP address of Computers get their IP from the Cisco router. I want to route the traffic in such a way that when the PC tries to access a website, packets will go from the LAN interface to the Cisco router, then to the pfSense firewall. If the PC has access to that site, the packets will then go back to the Cisco router, and from the WAN interface, it will go to the internet.

What I need to set up a route for this?
I tried this route but it didn't route to pfsesnse. It directly goes to wan.
ip route
ip route


3 Replies 3


(default) routing won't work because your PC and the pfSense are in the same subnet (directly connected to the Cisco router). Policy routing might work. Can you post the full running config of your Cisco router ?

Thanks. route map with different subnet works good. if i have a vpn connection i cant see my local hosts from vpn server. i add same routemap with permmit my local network to wan interface and it helped too. is it right way for this solution?

Level 1
Level 1

Right option would be connecting ESXi directly to the router interface on different subnet, via software switch.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card