Urgent help reqd! - Cisco router sitting in front of hardware firewall

Discussion in 'Cisco' started by Kapamarou, Dec 31, 2003.

  1. Kapamarou

    Kapamarou Guest

    Hi everyone,

    we have just purchased a third party firewall (Watchguard) to run behind our
    1720 router which up until now was connected on ADSL and was doing all the
    NATting and ACLs.

    Now the firewall requires the public IP of the router as it's default
    gateway which we have given it but we are not sure on what changes need to
    be applied on the Cisco in order for this to work. (I assume the access
    lists and the NAT statements need to be deleted) I was also wondering of
    there is any routing that needs to be specified on the Cisco as it needs to
    know that the traffic coming from the public IP of the firewall needs to go
    out through the Dialler interface.

    This is not a production router so wiping the config and starting again will
    not be a problem!

    Many thanks in advance,

    Kapa
    Kapamarou, Dec 31, 2003
    #1
    1. Advertising

  2. "Kapamarou" <> wrote in message
    news:1rAIb.110$-net.net...
    > Now the firewall requires the public IP of the router as it's default
    > gateway which we have given it but we are not sure on what changes need to
    > be applied on the Cisco in order for this to work.


    Probably nothing. Is it working? Does the Watchguard now do NAT?? Can it
    replace the router outright?

    > I was also wondering of
    > there is any routing that needs to be specified on the Cisco as it needs

    to
    > know that the traffic coming from the public IP of the firewall needs to

    go
    > out through the Dialler interface.


    You have not provided enough information for an informed reply.
    Phillip Remaker, Dec 31, 2003
    #2
    1. Advertising

  3. In article <1rAIb.110$-net.net>,
    Kapamarou <> wrote:
    :we have just purchased a third party firewall (Watchguard) to run behind our
    :1720 router which up until now was connected on ADSL and was doing all the
    :NATting and ACLs.

    :Now the firewall requires the public IP of the router as it's default
    :gateway which we have given it but we are not sure on what changes need to
    :be applied on the Cisco in order for this to work.

    :This is not a production router so wiping the config and starting again will
    :not be a problem!

    If this is not a production router, what is it about the situation
    that leads you to require assistance urgently?

    I must be in a bad mood today I guess, but it seems to me that if you
    are in a commercial environment and you didn't know how you were
    going to integrate the new equipment and you were going to need
    it integrated quickly, then you should have hired a consultant
    or opened a case with the TAC. If it's not worth hiring a consultant
    for and not worth having a SmartNet contract for, then chances are
    that it isn't urgent and can wait until after New Years Day.

    If you continue to feel that it is urgent, then perhaps you
    should restore the previous topology and configuration until
    such time as you can bring someone in to help you.

    I notice you don't even bother to supply a valid email address
    or phone number.

    Sorry, the information you give just makes it look too much
    like you are taking advantage of us.
    --
    Everyone has a "Good Cause" for which they are prepared to Spam.
    -- Roberson's Law of the Internet
    Walter Roberson, Dec 31, 2003
    #3
  4. Kapamarou

    Guest Guest

    Walter,
    I agree, he should pay someone. The only people in my office are the
    technical people, everyone else left at noon so I'm in a bad mood too.

    But I'll give him a little hint, since the router is now nothing more then a
    TA can you say "ip unnumbered"
    Guest, Dec 31, 2003
    #4
  5. Kapamarou

    Hugo Drax Guest

    "Walter Roberson" <-cnrc.gc.ca> wrote in message
    news:bsv4h7$7jv$...
    > In article <1rAIb.110$-net.net>,
    > Kapamarou <> wrote:
    > :we have just purchased a third party firewall (Watchguard) to run behind

    our
    > :1720 router which up until now was connected on ADSL and was doing all

    the
    > :NATting and ACLs.
    >
    > :Now the firewall requires the public IP of the router as it's default
    > :gateway which we have given it but we are not sure on what changes need

    to
    > :be applied on the Cisco in order for this to work.
    >
    > :This is not a production router so wiping the config and starting again

    will
    > :not be a problem!
    >
    > If this is not a production router, what is it about the situation
    > that leads you to require assistance urgently?
    >
    > I must be in a bad mood today I guess, but it seems to me that if you
    > are in a commercial environment and you didn't know how you were
    > going to integrate the new equipment and you were going to need
    > it integrated quickly, then you should have hired a consultant
    > or opened a case with the TAC. If it's not worth hiring a consultant
    > for and not worth having a SmartNet contract for, then chances are
    > that it isn't urgent and can wait until after New Years Day.
    >
    > If you continue to feel that it is urgent, then perhaps you
    > should restore the previous topology and configuration until
    > such time as you can bring someone in to help you.
    >
    > I notice you don't even bother to supply a valid email address
    > or phone number.
    >
    > Sorry, the information you give just makes it look too much
    > like you are taking advantage of us.



    He probably low balled a bid and now is stuck in a corner hehe. Fly By Night
    Enterprises.
    Hugo Drax, Jan 2, 2004
    #5
  6. Kapamarou

    Hugo Drax Guest

    <RC> wrote in message news:3ff332a4$0$18402$...
    > Walter,
    > I agree, he should pay someone. The only people in my office are the
    > technical people, everyone else left at noon so I'm in a bad mood too.
    >
    > But I'll give him a little hint, since the router is now nothing more then

    a
    > TA can you say "ip unnumbered"
    >
    >


    hehe I closed shop for 3 weeks, :) My typical waking up time now 11:00AM
    Hugo Drax, Jan 2, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. spremkumar

    Help Reqd in Qos

    spremkumar, Dec 26, 2003, in forum: Cisco
    Replies:
    0
    Views:
    468
    spremkumar
    Dec 26, 2003
  2. elaich

    Re: putting a firewall in front of a router

    elaich, Jun 8, 2005, in forum: Computer Support
    Replies:
    0
    Views:
    457
    elaich
    Jun 8, 2005
  3. Replies:
    3
    Views:
    2,521
    pcbutts1
    Jun 9, 2005
  4. NZed
    Replies:
    15
    Views:
    462
    Brendan
    Dec 2, 2003
  5. pooja
    Replies:
    0
    Views:
    1,173
    pooja
    Mar 3, 2009
Loading...

Share This Page