Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

FWSM DOUBLE DEFAULT ROUTE

Hi,

i want to know if is correct this configuration for FWSM routeing.

i have a router 7200 with a lot of nekwork. Default route to internet a FWSM inside a Catalyst 6509. Catalyst and Rotuer use EIGRP to change routing table.

i use on the FWSM this routing is correct?

route outside 0.0.0.0 0.0.0.0 X.X.X.X 1

route inside 0.0.0.0 0.0.0.0 10.1.X.X 1

Where X.X.X.X is the ip of ISP router and 10.1.X.X 1 is the ip of the router.

Is correct?

Do you think is better to configure a ip to the VLAN XYZ interface on the switch and change route inside 0 0 --> ip vlan interface switch.

VLAN XYZ is the same vlan configured in the inside interface of FWSM

If my description is hard to understand say me something.

Thanks  a lot best regards.

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: FWSM DOUBLE DEFAULT ROUTE

Hello F.Mottini,

>>  use on the FWSM this routing is correct?

route outside 0.0.0.0 0.0.0.0 X.X.X.X 1

route inside 0.0.0.0 0.0.0.0 10.1.X.X 1

Where X.X.X.X is the ip of ISP router and 10.1.X.X 1 is the ip of the router.

Is correct?

No, it isn't. You may use two default routes pointing to different IP next-hops out the SAME interface but not in this way.

for the inside you should be able to write some summary routes like

route inside 10.0.0.0 255.0.0.0 10.1.X.Y

eventually integrated with other static routes for other private IP addresses per RFC 1918 like

route inside 172.16.0.0 255.240.0.0 10.1.X.Y

route inside 192.168.0.0 255.255.0.0 10.1X.Y

in this way you should be fine

Hope to help

Giuseppe

1 REPLY
Hall of Fame Super Silver

Re: FWSM DOUBLE DEFAULT ROUTE

Hello F.Mottini,

>>  use on the FWSM this routing is correct?

route outside 0.0.0.0 0.0.0.0 X.X.X.X 1

route inside 0.0.0.0 0.0.0.0 10.1.X.X 1

Where X.X.X.X is the ip of ISP router and 10.1.X.X 1 is the ip of the router.

Is correct?

No, it isn't. You may use two default routes pointing to different IP next-hops out the SAME interface but not in this way.

for the inside you should be able to write some summary routes like

route inside 10.0.0.0 255.0.0.0 10.1.X.Y

eventually integrated with other static routes for other private IP addresses per RFC 1918 like

route inside 172.16.0.0 255.240.0.0 10.1.X.Y

route inside 192.168.0.0 255.255.0.0 10.1X.Y

in this way you should be fine

Hope to help

Giuseppe

495
Views
0
Helpful
1
Replies
CreatePlease to create content