Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

cisco router, routing

Posted on 2008-10-22
4
Medium Priority
?
206 Views
Last Modified: 2011-10-19
from the diagram below...
users are unable to browse internet
if i set proxy in internet explorer, users can browse internet.
maybe from router, i have to forward http requests to firewall?
whats the solution for this?

lan.jpg
0
Comment
Question by:ammadeyy2020
  • 2
  • 2
4 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 22776978
Do you have a trunk from the 3548 to the 1701?
Do you have a sub-interface on the 1701 for VLANs 10, 20 and 30 with the correct ip address?
Do you have a default route on the 1701 pointing to the firewall?
Do you have a route on the firewall for the 10.0, 20.0 and 30.0 networks pointing to the 1701?

You might want to post the configs of the switch and router.
0
 

Author Comment

by:ammadeyy2020
ID: 22777041
Router#sh run
Router#sh running-config
Building configuration...

Current configuration : 1309 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0
 ip address 192.168.1.1 255.255.255.0
 speed auto
!
interface FastEthernet0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
!
interface FastEthernet0.30
 encapsulation dot1Q 30
 ip address 192.168.30.1 255.255.255.0
!
interface FastEthernet0.40
 encapsulation dot1Q 40
 ip address 192.168.40.1 255.255.255.0
!
interface FastEthernet0.50
 encapsulation dot1Q 50
 ip address 192.168.50.1 255.255.255.0
!
interface FastEthernet0.60
 encapsulation dot1Q 60
 ip address 192.168.60.1 255.255.255.0
!
interface FastEthernet0.70
 encapsulation dot1Q 70
 ip address 192.168.70.1 255.255.255.0
!
interface FastEthernet0.80
 encapsulation dot1Q 80
 ip address 192.168.80.1 255.255.255.0
!
ip classless
no ip http server
!
!
line con 0
 exec-timeout 0 0
 logging synchronous
line aux 0
line vty 0
 password cisco
 login
line vty 1 4
 login
!
!
end
0
 

Author Comment

by:ammadeyy2020
ID: 22777082
router is connected to port 15

Switch>en
Switch#sh run
Switch#sh running-config
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
!
!
!
!
!
ip subnet-zero
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
!
interface FastEthernet0/2
 switchport access vlan 10
!
interface FastEthernet0/3
 switchport access vlan 20
!
interface FastEthernet0/4
 switchport access vlan 20
!
interface FastEthernet0/5
 switchport access vlan 20
!
interface FastEthernet0/6
 switchport access vlan 20
!
interface FastEthernet0/7
 switchport access vlan 30
!
interface FastEthernet0/8
 switchport access vlan 30
!
interface FastEthernet0/9
 switchport access vlan 30
!
interface FastEthernet0/10
 switchport access vlan 30
!
interface FastEthernet0/11
 switchport access vlan 30
!
interface FastEthernet0/12
 switchport access vlan 30
!
interface FastEthernet0/13
 switchport access vlan 30
!
interface FastEthernet0/14
 switchport access vlan 30
!
interface FastEthernet0/15
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/16
 switchport access vlan 40
!
interface FastEthernet0/17
 switchport access vlan 40
!
interface FastEthernet0/18
 switchport access vlan 40
!
interface FastEthernet0/19
 switchport access vlan 40
!
interface FastEthernet0/20
 switchport access vlan 40
!
interface FastEthernet0/21
 switchport access vlan 40
!
interface FastEthernet0/22
 switchport access vlan 40
!
interface FastEthernet0/23
 switchport access vlan 40
!
interface FastEthernet0/24
 switchport access vlan 40
!
interface FastEthernet0/25
 switchport access vlan 40
!
interface FastEthernet0/26
 switchport access vlan 50
!
interface FastEthernet0/27
 switchport access vlan 50
!
interface FastEthernet0/28
 switchport access vlan 50
!
interface FastEthernet0/29
 switchport access vlan 50
!
interface FastEthernet0/30
 switchport access vlan 50
!
interface FastEthernet0/31
 switchport access vlan 60
!
interface FastEthernet0/32
 switchport access vlan 60
!
interface FastEthernet0/33
 switchport access vlan 60
!
interface FastEthernet0/34
 switchport access vlan 60
!
interface FastEthernet0/35
 switchport access vlan 60
!
interface FastEthernet0/36
 switchport access vlan 70
!
interface FastEthernet0/37
 switchport access vlan 80
!
interface FastEthernet0/38
 switchport access vlan 80
!
interface FastEthernet0/39
 switchport access vlan 80
!
interface FastEthernet0/40
 switchport access vlan 80
!
interface FastEthernet0/41
 switchport access vlan 80
!
interface FastEthernet0/42
 switchport access vlan 80
!
interface FastEthernet0/43
 switchport access vlan 80
!
interface FastEthernet0/44
 switchport access vlan 80
!
interface FastEthernet0/45
 switchport access vlan 80
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface VLAN1
 ip address 192.168.1.2 255.255.255.0
 no ip directed-broadcast
 no ip route-cache
!
interface VLAN10
 no ip directed-broadcast
 no ip route-cache
 shutdown
!
ip default-gateway 192.168.1.1
!
line con 0
 logging synchronous
 transport input none
 stopbits 1
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 2000 total points
ID: 22777122
You're missing a default route on the 1701 pointing to the firewall.

ip route 0.0.0.0 0.0.0.0 192.168.30.50

The firewall will also need routes to the 1.0,10.0 and 20.0 network that point to the 1701 (192.168.30.1)
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question