Configuring a 2621XM Router as a NAT/Firewall

darrenoleary · ‎03-28-2009

I have a 2621XM router and was wanting to use it as a NAT/firewall for my network and was wanting to know how I should go about configuring it to achieve this.

FE0/0 is the outside interface, configured as 10.1.1.254 and is connected to my ADSL modem.

FE0/1 is the inside interface, configured as 192.168.x.254 and is connected to my internal network. I have also subetted my network for various vlans (172.16.x.x) with a Router-on-a-Stick ocnfiguration.

As I run my own domain and name server with MS Exchange, I need to be able to continue the advertising of my presence. This is currently done by Microsoft ISA 2004 Server. The server publishing rules do this for me and it works well, but I want to replace the server with the 2621XM router.

The ISA server is my gateway and is configured as 192.168.x.254

Is anyone able to provide details on how I can configure the router to achieve these goals and allow the appropriate traffic through the interfaces, in and out.

I know ACLs may help me achieve this, but I need some direction in the configuration setup of whether it should be in or out. How can I continue to 'publish' my DNS and Exchange servers?

thanks.

Darren

Giuseppe Larosa · ‎03-28-2009

Hello Darren,

you need an IOS image with firewall feature set to use it as a firewall.

Use

sh ver | inc image

from the image name is possible to understand the feature set.

Hope to help

Giuseppe

darrenoleary · ‎03-28-2009

Thanks Giuseppe .

I am running the Advanced Enterprise IOS ver 12.4(23) - c2600-adventerprisek9-mz.124-23.bin.

thanks,

Darren