
routing question

dakshash_shah
Level 1

I have set up a new remote site in LA.. and we have our HQ in DC...

the 2821 routers are working..and I can see the network in DC from LA..

the problem I am having is that there is a DMZ in DC(192.168.111.0/24) that I can not see from any LA desktop. The LA side LAN has ip address of 10.15.0.0/16

I have a sonicwall in LA that acts as the firewall between the LAN and Internet..

the firewall IP address for the sonicwall is 10.15.1.254

and the internet is working great as well from LA..

i have a route on the LA 2821 router that says

0.0.0.0 0.0.0.0 10.15.1.254

but when I try to hit anything on the DMZ address scheme..it tries to go out to the internet..and so, I need to put a route in the sonicwall to point it back to the 2821 LAN interface..right?

and then..to get it across the WAN back to DC...what route entry do I need to put in the LA router..and what interface do I point the route entry to?

we have a private point-to-point network between DC and LA if that helps.

I am lost and any help would be appreciated.

Thanks

1 Reply

thisisshanky
Level 11

Does your traffic between LA and DC ever have to hit the firewall? I don't see a reason why you should, as it is trusted traffic, unless you have to inspect that traffic using an IDS (or for other security reasons). So add a static route on LA 2821 as follows.

ip route 192.168.111.0 255.255.255.0

where is the ip address of the DC 2821's serial interface..

and on the DC router you should have a route for LA's lan, pointing to the ip address of the LA 2821's serial interface.

It would be much easier to run a dynamic routing protocol in order to avoid the administrative overhead of maintaining these static routes on every router in your network. You can use protocols such as RIPv2, OSPF, EIGRP.

HTH

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
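
An added example, not part of either post: a longest-prefix-match lookup over the LA 2821's routes as the thread describes them, showing why DMZ-bound packets are handed to the SonicWall today and how the more specific static route changes the next hop. The next-hop value is a placeholder because the thread does not give the DC serial address; the sample hosts and function names are constructed for illustration.

```python
import ipaddress

def lookup(routes, dst):
    """Longest-prefix match: return (prefix, next_hop) for dst, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return (str(best[0]), best[1]) if best else None

def leaks_to_gateway(routes, internal_prefixes, internet_gw):
    """List internal prefixes whose traffic would be sent to the Internet gateway.

    Simplification: only the first host of each prefix is sampled.
    """
    leaks = []
    for prefix in internal_prefixes:
        net = ipaddress.ip_network(prefix)
        hit = lookup(routes, str(net.network_address + 1))
        if hit is None or hit[1] == internet_gw:
            leaks.append(prefix)
    return leaks

SONICWALL = "10.15.1.254"                 # from the question
DC_SERIAL = "<DC 2821 serial IP>"         # placeholder, not given in the thread
DMZ = "192.168.111.0/24"                  # from the question

# Only the routes named in the thread are modelled here.
LA_BEFORE = [
    ("10.15.0.0/16", "connected (LA LAN)"),
    ("0.0.0.0/0", SONICWALL),             # ip route 0.0.0.0 0.0.0.0 10.15.1.254
]
# After adding the static route suggested in the reply.
LA_AFTER = LA_BEFORE + [(DMZ, DC_SERIAL)]

if __name__ == "__main__":
    for name, table in (("before", LA_BEFORE), ("after", LA_AFTER)):
        # 192.168.111.10 is a constructed DMZ host, 198.51.100.7 a constructed Internet host
        print(name, "DMZ host ->", lookup(table, "192.168.111.10"))
        print(name, "Internet host ->", lookup(table, "198.51.100.7"))
        print(name, "prefixes sent to firewall:", leaks_to_gateway(table, [DMZ], SONICWALL))
```

The same check applies on the DC router for 10.15.0.0/16, since the reply notes that the return route must exist there as well.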