3750 problem

Discussion in 'Cisco' started by Alex Turtois, Mar 24, 2007.

  1. Alex Turtois

    Alex Turtois Guest

    Dear All,

    I'm having a problem with a 3750 L3 switch here. The internet uplink
    is in port 1/0/1 so obviously the default route is set accordingly.
    there are 2 vlans defined for public/private network and my firewall
    is connected to both vlans - one interface for each. I want to route
    traffic thru my firewall and that one should be a default route as
    well. now the problem is that i cannot have two default routes in one
    device.

    any suggestions?

    thanks,
    Alex
     
    Alex Turtois, Mar 24, 2007
    #1
    1. Advertising

  2. Alex Turtois

    Haitingus Guest

    Hi Alex,

    Disable the routing on your 3750 by typing the following command "no ip
    routing". And let your Firewall route the traffic to internet.

    BR
    Marc.


    "Alex Turtois" <> wrote in message
    news:...
    > Dear All,
    >
    > I'm having a problem with a 3750 L3 switch here. The internet uplink
    > is in port 1/0/1 so obviously the default route is set accordingly.
    > there are 2 vlans defined for public/private network and my firewall
    > is connected to both vlans - one interface for each. I want to route
    > traffic thru my firewall and that one should be a default route as
    > well. now the problem is that i cannot have two default routes in one
    > device.
    >
    > any suggestions?
    >
    > thanks,
    > Alex
    >
     
    Haitingus, Mar 24, 2007
    #2
    1. Advertising

  3. Alex Turtois

    L J Guest

    make your switch's gateway the firewall
    "Alex Turtois" <> wrote in message
    news:...
    > Dear All,
    >
    > I'm having a problem with a 3750 L3 switch here. The internet uplink
    > is in port 1/0/1 so obviously the default route is set accordingly.
    > there are 2 vlans defined for public/private network and my firewall
    > is connected to both vlans - one interface for each. I want to route
    > traffic thru my firewall and that one should be a default route as
    > well. now the problem is that i cannot have two default routes in one
    > device.
    >
    > any suggestions?
    >
    > thanks,
    > Alex
    >
     
    L J, Mar 25, 2007
    #3
  4. Alex Turtois

    Alex Turtois Guest

    in that case my firewall has to be connected to the provider, right?

    i was thinking about the policy map, to change next hop based on
    source route:

    access-list 101 permit ip any 192.168.20.0 0.0.0.255
    route-map FIREWALL permit 100
    match ip address 101
    set ip next-hop 192.168.16.44

    but when i try to add ip policy-map to the incoming interface it does
    not have this command enabled. isn't it included in the ip-base
    image? what image should i use then?

    thanks a lot,
    Alex

    On Mar 25, 2:43 pm, "L J" <> wrote:
    > make your switch's gateway the firewall"Alex Turtois" <> wrote in message
    >
    > news:...
    >
    > > Dear All,

    >
    > > I'm having a problem with a 3750 L3 switch here. The internet uplink
    > > is in port 1/0/1 so obviously the default route is set accordingly.
    > > there are 2 vlans defined for public/private network and my firewall
    > > is connected to both vlans - one interface for each. I want to route
    > > traffic thru my firewall and that one should be a default route as
    > > well. now the problem is that i cannot have two default routes in one
    > > device.

    >
    > > any suggestions?

    >
    > > thanks,
    > > Alex
     
    Alex Turtois, Mar 25, 2007
    #4
  5. Alex Turtois

    Sied@r Guest

    Alex Turtois napisa³(a):
    > in that case my firewall has to be connected to the provider, right?
    >
    > i was thinking about the policy map, to change next hop based on
    > source route:
    >
    > access-list 101 permit ip any 192.168.20.0 0.0.0.255
    > route-map FIREWALL permit 100
    > match ip address 101
    > set ip next-hop 192.168.16.44
    >
    > but when i try to add ip policy-map to the incoming interface it does
    > not have this command enabled. isn't it included in the ip-base
    > image? what image should i use then?


    I think that - profiling for routing and PBR exist only in EI image.
     
    Sied@r, Mar 26, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Thomas

    Netflow problem on switch 3750

    Thomas, Aug 20, 2004, in forum: Cisco
    Replies:
    0
    Views:
    2,224
    Thomas
    Aug 20, 2004
  2. Alireza Dabagh [MS]

    3750 G 24TS vs. 3750 G 12S

    Alireza Dabagh [MS], Sep 28, 2004, in forum: Cisco
    Replies:
    4
    Views:
    2,565
    Alireza Dabagh [MS]
    Sep 29, 2004
  3. Sami
    Replies:
    1
    Views:
    2,173
  4. Vimokh
    Replies:
    3
    Views:
    5,810
    Vimokh
    Sep 6, 2006
  5. jayesh
    Replies:
    0
    Views:
    770
    jayesh
    Mar 14, 2007
Loading...

Share This Page