Solved

Cisco 12.2(1b)

Posted on 2004-04-26
3
219 Views
Last Modified: 2010-04-11
Current Setup:
ISP ------>Cisco2514----->LAN

1) My ISP NATS my public ip to 10.20.20.100
2) Cisco2514 NAT/PAT to 172.16.8.0/24
3) So the computers in my LAN get NATed twice.
4) I do PAT for www, mail, dns, etc...

WHAT I WANT TO DO, is this:
ISP ------>Cisco2514----->Firewall---->LAN

1) How do I get my Cisco2514 to pass all packets to the firewall?
0
Comment
Question by:mesican
  • 2
3 Comments
 
LVL 11

Expert Comment

by:PennGwyn
ID: 10923743
Assign the LAN side interface of the firewall the gateway address that the clients use (currently on LAN side of 2514).

Assign the other side interface of the firewall an address in a different private range, say 172.16.124.2/24

Change the address of the LAN side interface of the 2514 to be in the same range, say 172.16.124.1/24

Give the 2514 a route telling it that your LAN is on the other side of the firewall:

ip route 172.16.8.0 255.255.255.0 172.16.124.2

Tell the firewall to use the 2514 (172.16.124.1) as its default gateway/route.

0
 

Author Comment

by:mesican
ID: 10923825
So packets that come in not destined for the lan will still get sent to the lan side?
0
 
LVL 11

Accepted Solution

by:
PennGwyn earned 50 total points
ID: 10932292
Packets that come in destined for the LAN will get forwarded to the firewall.  Packets that come in for anywhere else (there shouldn't be any, but...) will get sent to the router's default route/gateway, which still points back to the Internet so that packets *from* the LAN can get there.  (If the ISP insists on delivering packetes that aren't for you, they'll bounce between you and the ISP until they run out of TTL.)

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now