dazer1virginia

asked on 

Cisco 2800 access to internal SonicWall firewall

I have a Cisco 2800 router with a 65.160.1.x address.  Its 0/0 interface is assigned a .145 address (nat inside) and 0/1 is assigned a 71.130.1.235 (nat outside), which is a separate point-to-point T1.  Here's the issue.  There's an internal SonicWall firewall connected to the Cisco 2800 router via a switch.  The SonicWall does Nat for an internal 192.168.2.0 network.  However, no Nat rules are working on the SonicWall because even though the Cisco 2800 has a 65.160.1.145 (255.255.255.240), and the SonicWall has this address 65.160.1.146, nothing gets through to the SonicWall from the router.  Clients going out from the 192.168.2.x network can get outside via the firewall.  I need to know what commands need to go on the Cisco 2800 so that when I assign a 65.160.1.147 address on the router for a Nat to an internal Web server, that it will work.



 
Building configuration...
 
Current configuration : 2034 bytes
!
version 12.2
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log datetime
service password-encryption
!
hostname VINDav
!
logging queue-limit 100
!
ip subnet-zero
no ip source-route
!
!
ip tcp synwait-time 10
no ip domain-lookup
ip domain-name vin.com
no ip bootp server
ip audit notify log
ip audit po max-events 100
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0/0
 description To WAN Switch to Dav Firewall
 ip address 65.160.1.145 255.255.255.240
 no ip unreachables
 ip nat inside
 no ip mroute-cache
 speed 100
 full-duplex
 no cdp enable
!
interface Serial0/0
 description Connected to T1
 ip address 192.168.3.2 255.255.255.252
 no ip mroute-cache
 service-module t1 clock source internal
 service-module t1 remote-alarm-enable
!
interface FastEthernet0/1
 ip address 71.130.1.235 255.255.255.248
 no ip unreachables
 ip nat outside
 no ip mroute-cache
 speed 100
 full-duplex
!
interface Ethernet1/0
 no ip address
 no ip mroute-cache
 shutdown
 half-duplex
!
ip nat inside source list 2 interface FastEthernet0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 71.130.53.238
ip route 65.160.1.18 255.255.255.255 192.168.3.1
!
access-list 2 permit 65.160.1.144 0.0.0.15
access-list 5 permit 65.160.1.0 0.0.0.255
no cdp run

Tim_Jr

To start, the first thing that popped out at me was that your fa0/0 interface is 'ip nat inside' but seems to be using a public address... I would think that that interface would have to be an internally addressed interface if it needs to be natted on the inside.
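
Added example, not part of the thread: a Python check over the NAT-relevant lines of the configuration posted in the question, reporting which interfaces are marked `ip nat inside` while carrying a public address and whether a given source address falls under the `overload` rule. The function names (`parse`, `audit`) and the trimmed config excerpt are constructed for this example.

```python
import ipaddress

# NAT-relevant lines copied from the configuration posted in the question.
CONFIG = """\
interface FastEthernet0/0
 ip address 65.160.1.145 255.255.255.240
 ip nat inside
interface Serial0/0
 ip address 192.168.3.2 255.255.255.252
interface FastEthernet0/1
 ip address 71.130.1.235 255.255.255.248
 ip nat outside
ip nat inside source list 2 interface FastEthernet0/1 overload
access-list 2 permit 65.160.1.144 0.0.0.15
"""

def parse(config):
    """Return (interfaces, standard ACLs, overload rules) from IOS text."""
    ifaces, acls, overload, name = {}, {}, [], None
    for line in config.splitlines():
        w = line.split()
        if not w or w[0] == "!":
            continue
        if w[0] == "interface":
            name = w[1]
            ifaces[name] = {"addr": None, "nat": None}
        elif line[0] == " " and w[:2] == ["ip", "address"]:
            ifaces[name]["addr"] = ipaddress.ip_interface(f"{w[2]}/{w[3]}")
        elif line[0] == " " and w[:2] == ["ip", "nat"]:
            ifaces[name]["nat"] = w[2]
        elif w[0] == "access-list" and w[2] == "permit":
            # Standard ACL entry: base address and wildcard (inverse) mask.
            pair = tuple(int(ipaddress.ip_address(x)) for x in w[3:5])
            acls.setdefault(w[1], []).append(pair)
        elif w[:5] == ["ip", "nat", "inside", "source", "list"] and "overload" in w:
            overload.append((w[5], w[7]))  # (ACL id, outside interface)
    return ifaces, acls, overload

def audit(config, source):
    """Describe how the router treats `source` arriving on an inside port."""
    ifaces, acls, overload = parse(config)
    ip = ipaddress.ip_address(source)
    hit = lambda acl: any((int(ip) & ~w) == (b & ~w) for b, w in acls.get(acl, []))
    return {
        "public_nat_inside": [n for n, i in ifaces.items() if i["nat"] == "inside"
                              and i["addr"] and not i["addr"].ip.is_private],
        "connected_on": [n for n, i in ifaces.items() if i["addr"] and ip in i["addr"].network],
        "pat_to": [str(ifaces[o]["addr"].ip) for a, o in overload if hit(a)],
    }
```

Calling `audit(CONFIG, "65.160.1.147")` reports FastEthernet0/0 as a public-addressed inside interface and shows that access-list 2 matches that source, so outbound traffic from it is rewritten to 71.130.1.235 by the overload rule.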
dazer1virginia

ASKER

I'm not sure about that.  I inherited this network.  

I did have an error in the last line of the comment.  It should have read:

I need to know what commands need to go on the Cisco 2800 so that when I assign a 65.160.1.147 address on the FIREWALL for a Nat to an internal Web server, that it will work.
Tim_Jr

I've used Sonicwall firewalls before and I know the Nat-ing capabilities are limited. Is the web server on a DMZ or just internal? I know it's possible to set that up on the Sonicwall.
dazer1virginia

ASKER

I have already set up the NAT policy on the SonicWall.  The issue is that the Internet router is not set up to pass through to the firewall.  
ASKER CERTIFIED SOLUTION
dazer1virginia
