Hope you can help me here…I'm having some issues with a router setup (I believe).

Config summary:

A 3560 router connect from port 0/1 to pcn, port 0/2 is connected to a netscreen 208 firewall with a dmz and an outside connection. The firewall was configured and testing before adding in the router switch and worked fine.

Testing:

- 3560 enhanced (I've attached a config file)

- can ping from the pcn to the outside interface on the router (192.168.3.1)

- cannot ping from the pcn to the firewall trusted port (192.168.3.2)

- can ping from the dmz to the outside port of the router (192.168.3.1)

- cannot ping from the dmz to inside port of the router (107.143.4.111)

- can ping from the router console to devices on the dmz

- can ping from the router console to devices on the pcn

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname RTGSW_01

!

!

no aaa new-model

ip subnet-zero

ip routing

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

--More-- vlan internal allocation policy ascending

!

!

interface GigabitEthernet0/1

no switchport

ip address 107.143.4.111 255.255.248.0

duplex full

!

interface GigabitEthernet0/2

no switchport

ip address 192.168.3.1 255.255.255.0

no ip redirects

no ip proxy-arp

duplex full

speed 100

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

!

interface GigabitEthernet0/5

!

interface GigabitEthernet0/6

--More-- !

interface GigabitEthernet0/7

!

interface GigabitEthernet0/8

!

interface GigabitEthernet0/9

!

interface GigabitEthernet0/10

!

interface GigabitEthernet0/11

!

interface GigabitEthernet0/12

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

!

--More-- interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

!

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

!

interface GigabitEthernet0/24

!

interface GigabitEthernet0/25

!

interface GigabitEthernet0/26

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface Vlan1

--More-- no ip address

shutdown

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.3.2

no ip http server

!

!

!

control-plane

!

!

line con 0

line vty 0 4

no login

line vty 5 15

no login

!

!

end

RTGSW_01#