cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
464
Views
2
Helpful
3
Replies

Route between Router and Firewall

FARO15ful
Level 1
Level 1

Hi. i have a problem with route packets between firewall and cisco router. Yes i know tat 100.100.10.0 is global ip, i can't use it and all ip adress is just example.

I have a PC, ESXi server, and a Cisco router, all connected to an unmanaged switch. DHCP, a VPN between my VPN server, and NAT is configured on the Cisco router. I have a global IP address 117.71.71.70 on my WAN interface and the IP address 100.100.10.1 on my LAN interface on the Cisco router. 117.71.71.71 is IP address of internet provider.

In the ESXi server, I have a pfSense firewall running in a virtual machine with an IP address of 100.100.10.13 Computers get their IP from the Cisco router. I want to route the traffic in such a way that when the PC tries to access a website, packets will go from the LAN interface to the Cisco router, then to the pfSense firewall. If the PC has access to that site, the packets will then go back to the Cisco router, and from the WAN interface, it will go to the internet.

What I need to set up a route for this?
I tried this route but it didn't route to pfsesnse. It directly goes to wan.
ip route 0.0.0.0 0.0.0.0 117.71.71.71
ip route 100.100.10.0 255.255.255.0 100.100.10.13

Untitled2.png

3 Replies 3

Hello,

(default) routing won't work because your PC and the pfSense are in the same subnet (directly connected to the Cisco router). Policy routing might work. Can you post the full running config of your Cisco router ?

Thanks. route map with different subnet works good. if i have a vpn connection i cant see my local hosts from vpn server. i add same routemap with permmit my local network to wan interface and it helped too. is it right way for this solution?

DimaL
Level 1
Level 1

Right option would be connecting ESXi directly to the router interface on different subnet, via software switch.

Review Cisco Networking for a $25 gift card