Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Urgent help reqd! - Cisco router sitting in front of hardware firewall

Reply
Thread Tools

Urgent help reqd! - Cisco router sitting in front of hardware firewall

 
 
Kapamarou
Guest
Posts: n/a
 
      12-31-2003
Hi everyone,

we have just purchased a third party firewall (Watchguard) to run behind our
1720 router which up until now was connected on ADSL and was doing all the
NATting and ACLs.

Now the firewall requires the public IP of the router as it's default
gateway which we have given it but we are not sure on what changes need to
be applied on the Cisco in order for this to work. (I assume the access
lists and the NAT statements need to be deleted) I was also wondering of
there is any routing that needs to be specified on the Cisco as it needs to
know that the traffic coming from the public IP of the firewall needs to go
out through the Dialler interface.

This is not a production router so wiping the config and starting again will
not be a problem!

Many thanks in advance,

Kapa


 
Reply With Quote
 
 
 
 
Phillip Remaker
Guest
Posts: n/a
 
      12-31-2003

"Kapamarou" <(E-Mail Removed)> wrote in message
news:1rAIb.110$(E-Mail Removed)-net.net...
> Now the firewall requires the public IP of the router as it's default
> gateway which we have given it but we are not sure on what changes need to
> be applied on the Cisco in order for this to work.


Probably nothing. Is it working? Does the Watchguard now do NAT?? Can it
replace the router outright?

> I was also wondering of
> there is any routing that needs to be specified on the Cisco as it needs

to
> know that the traffic coming from the public IP of the firewall needs to

go
> out through the Dialler interface.


You have not provided enough information for an informed reply.


 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      12-31-2003
In article <1rAIb.110$(E-Mail Removed)-net.net>,
Kapamarou <(E-Mail Removed)> wrote:
:we have just purchased a third party firewall (Watchguard) to run behind our
:1720 router which up until now was connected on ADSL and was doing all the
:NATting and ACLs.

:Now the firewall requires the public IP of the router as it's default
:gateway which we have given it but we are not sure on what changes need to
:be applied on the Cisco in order for this to work.

:This is not a production router so wiping the config and starting again will
:not be a problem!

If this is not a production router, what is it about the situation
that leads you to require assistance urgently?

I must be in a bad mood today I guess, but it seems to me that if you
are in a commercial environment and you didn't know how you were
going to integrate the new equipment and you were going to need
it integrated quickly, then you should have hired a consultant
or opened a case with the TAC. If it's not worth hiring a consultant
for and not worth having a SmartNet contract for, then chances are
that it isn't urgent and can wait until after New Years Day.

If you continue to feel that it is urgent, then perhaps you
should restore the previous topology and configuration until
such time as you can bring someone in to help you.

I notice you don't even bother to supply a valid email address
or phone number.

Sorry, the information you give just makes it look too much
like you are taking advantage of us.
--
Everyone has a "Good Cause" for which they are prepared to Spam.
-- Roberson's Law of the Internet
 
Reply With Quote
 
Guest
Posts: n/a
 
      12-31-2003
Walter,
I agree, he should pay someone. The only people in my office are the
technical people, everyone else left at noon so I'm in a bad mood too.

But I'll give him a little hint, since the router is now nothing more then a
TA can you say "ip unnumbered"


 
Reply With Quote
 
Hugo Drax
Guest
Posts: n/a
 
      01-02-2004

"Walter Roberson" <(E-Mail Removed)-cnrc.gc.ca> wrote in message
news:bsv4h7$7jv$(E-Mail Removed)...
> In article <1rAIb.110$(E-Mail Removed)-net.net>,
> Kapamarou <(E-Mail Removed)> wrote:
> :we have just purchased a third party firewall (Watchguard) to run behind

our
> :1720 router which up until now was connected on ADSL and was doing all

the
> :NATting and ACLs.
>
> :Now the firewall requires the public IP of the router as it's default
> :gateway which we have given it but we are not sure on what changes need

to
> :be applied on the Cisco in order for this to work.
>
> :This is not a production router so wiping the config and starting again

will
> :not be a problem!
>
> If this is not a production router, what is it about the situation
> that leads you to require assistance urgently?
>
> I must be in a bad mood today I guess, but it seems to me that if you
> are in a commercial environment and you didn't know how you were
> going to integrate the new equipment and you were going to need
> it integrated quickly, then you should have hired a consultant
> or opened a case with the TAC. If it's not worth hiring a consultant
> for and not worth having a SmartNet contract for, then chances are
> that it isn't urgent and can wait until after New Years Day.
>
> If you continue to feel that it is urgent, then perhaps you
> should restore the previous topology and configuration until
> such time as you can bring someone in to help you.
>
> I notice you don't even bother to supply a valid email address
> or phone number.
>
> Sorry, the information you give just makes it look too much
> like you are taking advantage of us.



He probably low balled a bid and now is stuck in a corner hehe. Fly By Night
Enterprises.


 
Reply With Quote
 
Hugo Drax
Guest
Posts: n/a
 
      01-02-2004

<RC> wrote in message news:3ff332a4$0$18402$(E-Mail Removed) m...
> Walter,
> I agree, he should pay someone. The only people in my office are the
> technical people, everyone else left at noon so I'm in a bad mood too.
>
> But I'll give him a little hint, since the router is now nothing more then

a
> TA can you say "ip unnumbered"
>
>


hehe I closed shop for 3 weeks, My typical waking up time now 11:00AM


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Router vs hardware firewall Googy Computer Support 5 11-08-2007 12:18 AM
putting a firewall in front of a router atlanta@mailinator.com Computer Support 3 06-08-2005 11:07 PM
Re: putting a firewall in front of a router elaich Computer Support 0 06-08-2005 07:28 PM
Completely replace software firewall with hardware firewall? Sandi Computer Security 33 04-04-2005 01:52 PM
Sitting behind a local pix501 and can't access an external site with Pix501 from Cisco VPN CLient- why? simon Cisco 1 09-21-2004 12:52 PM



Advertisments