Solved

Cisco routing with Sonicwall

Posted on 2010-08-30
4
438 Views
Last Modified: 2012-05-10
ok this is what I have, basically have a couple remotes sites that are still using Sonicwall to terminate a P2P fiber connection.  I have some Cisco 871's in hand that I want to replace those sonicwalls with.  The main Site still uses A sonicwall to terminate the fiber and internet filtering.  So basically its setup like this on the sonicwalls at the remote site currently

LAN ip 192.168.5.1
WAN ip 192.168.11.1    Main Site 192.168.11.2 (p2p Fiber)
the main site also terminates all MPLS circuits so we have additional subnets behind the main site sonic wall  192.168.6.0 192.168.3.0 192.168.8.0 192.168.2.0 192.168.10.0.  right now i create address objects in the sonicwall for each subnet, and then route to those subnets through the Main site P2P link (192.168.11.2)  Can the Cisco work with the sonicwall in this way?
0
Comment
Question by:jasonmichel
  • 2
  • 2
4 Comments
 
LVL 10

Accepted Solution

by:
Sorenson earned 500 total points
ID: 33559429
From your description it sounds like the sonicwalls are simply routing traffic, this would be a little more complicated if they are doing nat / firewalling, but the 871 can do both.

The 871 should be able to do what you are asking.  You would create the LAN and WAN ip addresses, then add static routes for each of the remote networks (via the main site ip address.
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 33559519
would i need to create an ACL for each remote subnet?
0
 
LVL 10

Expert Comment

by:Sorenson
ID: 33559780
that would depend on the security setup you need.  For simply routing the traffic, no, you would not need an acl, just a static route.  If you want to control / limit traffic, or you will be doing nat / firewalling, then you will need to create acls, create nat statements, etc.
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 33571251
ok, so this is what the config looks like...any issues?


Current configuration : 1001 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no logging console
!
no aaa new-model
!
resource policy
!
ip subnet-zero
ip cef
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 ip address 192.168.11.1 255.255.255.0
 duplex auto
 speed auto
!
interface Vlan1
 ip address 192.168.5.1 255.255.255.0
!
ip classless
ip route 192.168.1.0 255.255.255.0 192.168.11.2
ip route 192.168.2.0 255.255.255.0 192.168.11.2
ip route 192.168.3.0 255.255.255.0 192.168.11.2
ip route 192.168.6.0 255.255.255.0 192.168.11.2
ip route 192.168.8.0 255.255.255.0 192.168.11.2
ip route 192.168.10.0 255.255.255.0 192.168.11.2
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
 no modem enable
line aux 0
line vty 0 4
!
scheduler max-task-time 5000
end



192.168.11.2 is the other side of the p2p fiber, 11.1 is local to the router
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to setup VPN onCisco RV016 8 50
Can't access Internet behind Cisco Router 14 44
Network Config 9 71
Is WiFi half-duplex or Full -duplex 4 31
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now