Cisco 4500 Static Route Question

mshen · ‎03-19-2008

Currently I have a static route:

ip route 0.0.0.0 0.0.0.0 172.20.xx.xx

where 172.20.xx.xx is my firewall. I don't want the firewall to process internal traffic so im adding another route:

ip route 172.20.0.0 255.255.0.0 172.20.xx.1

where 172.20.xx.1 is my gateway.

I'm just double checking to make sure this is the right thing to do.

Thanks

JORGE RODRIGUEZ · ‎03-20-2008

If you could give a little more details on your topology perhaps we could give better answer.

"Currently I have a static route: "

ip route 0.0.0.0 0.0.0.0 172.20.xx.xx

this is not ordinary static route, this is a default route on your 4500 pointing to your firewall as a gateway of last resort for all your internal subnets within 4500 to be able to get outbound internet via firewall.

If you have several vlans in your 4500 including subnets from 172.20.0.0 net all internal traffic is contained within the 4500 through inter-vlan routing and does not hit the firewall unless traffic needs to go outbound internet.

Please clarify to assist you better.

Rgds

Jorge

Jorge Rodriguez

mshen · ‎03-21-2008

Thats what I needed to know. I saw the route and thought it meant all the traffic would be processed by the firewall.

Thanks

JORGE RODRIGUEZ · ‎03-21-2008

Shen, you are very welcome, glad I was able to help clarifying your doubts, if you could rate post as resolved that will be great, as we are always here to help.

Rgds

Jorge

Jorge Rodriguez