Urgent help reqd! - Cisco router sitting in front of hardware firewall

Discussion in 'Cisco' started by Kapamarou, Dec 31, 2003.

  1. Kapamarou

    Kapamarou Guest

    Hi everyone,

    we have just purchased a third party firewall (Watchguard) to run behind our
    1720 router which up until now was connected on ADSL and was doing all the
    NATting and ACLs.

    Now the firewall requires the public IP of the router as its default
    gateway which we have given it but we are not sure on what changes need to
    be applied on the Cisco in order for this to work. (I assume the access
    lists and the NAT statements need to be deleted.) I was also wondering if
    there is any routing that needs to be specified on the Cisco as it needs to
    know that the traffic coming from the public IP of the firewall needs to go
    out through the Dialler interface.

    This is not a production router so wiping the config and starting again will
    not be a problem!

    Many thanks in advance,

    Kapa
     
    Kapamarou, Dec 31, 2003
    #1

  2. Probably nothing. Is it working? Does the Watchguard now do NAT?? Can it
    replace the router outright?
    You have not provided enough information for an informed reply.
     
    Phillip Remaker, Dec 31, 2003
    #2

  3. :we have just purchased a third party firewall (Watchguard) to run behind our
    :1720 router which up until now was connected on ADSL and was doing all the
    :NATting and ACLs.

    :Now the firewall requires the public IP of the router as its default
    :gateway which we have given it but we are not sure on what changes need to
    :be applied on the Cisco in order for this to work.

    :This is not a production router so wiping the config and starting again will
    :not be a problem!

    If this is not a production router, what is it about the situation
    that leads you to require assistance urgently?

    I must be in a bad mood today I guess, but it seems to me that if you
    are in a commercial environment and you didn't know how you were
    going to integrate the new equipment and you were going to need
    it integrated quickly, then you should have hired a consultant
    or opened a case with the TAC. If it's not worth hiring a consultant
    for and not worth having a SmartNet contract for, then chances are
    that it isn't urgent and can wait until after New Year's Day.

    If you continue to feel that it is urgent, then perhaps you
    should restore the previous topology and configuration until
    such time as you can bring someone in to help you.

    I notice you don't even bother to supply a valid email address
    or phone number.

    Sorry, the information you give just makes it look too much
    like you are taking advantage of us.
     
    Walter Roberson, Dec 31, 2003
    #3
  4. Guest

    Guest Guest

    Walter,
    I agree, he should pay someone. The only people in my office are the
    technical people, everyone else left at noon so I'm in a bad mood too.

    But I'll give him a little hint: since the router is now nothing more than a
    TA, can you say "ip unnumbered"?
     
    Guest, Dec 31, 2003
    #4
  5. Hugo Drax

    Hugo Drax Guest


    He probably lowballed a bid and now is stuck in a corner, hehe. Fly By Night
    Enterprises.
     
    Hugo Drax, Jan 2, 2004
    #5
  6. Hugo Drax

    Hugo Drax Guest

    hehe I closed shop for 3 weeks, :) My typical waking up time now 11:00AM
     
    Hugo Drax, Jan 2, 2004
    #6