Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Main office, remote office and the Internet

I'm new to all of this so please excuse my ignorance in advance. I'm looking for some advice on the best way to configure a particular setup. Here are the basics:

The main office has a 1720 connecting a remote office over a frac-T1 with a 1721 on the remote side. The main office has just put in a Watchguard FB1000 between their LAN and their ISP connection. They want both offices to have internet access through the firewall.

I believe I understand how to get the 2 offices communicating over the T1 via the routers. The main question comes when you add the firewall into the equation.

Since all Internet access from both the main office and remote office would go through the firewall, how do I configure the 2 routers to forward the traffic appropriately?

I assume the remote office router will just forward everything to the main office router, not even caring what's on the other side. The main office router would then forward all unknown destinations to the firewall. Am I on the right track?

Any advice would be greatly appreciated. The more detail the better.


A newbie


Re: Main office, remote office and the Internet

a default route pointing to the watchguard will do.

It does depend on which routing protocol you chose.

Given the size of the network, take a look at running RIP II. Heres a discussion of how to advertise a default route.


Re: Main office, remote office and the Internet

All you will need from the remote is a default, towards the main office. You could do a static, or run a routing protocol, if you want--any one will do, but eigrp or rip are going to be the easiest to configure. Beyond that, you'll need to advertise the networks reachable at the remote to the main office, and point a default at the firewall from the main office.

This should do what you want. Something like this:


-- static default route on R, the remote, pointing to M, the main

-- static default on M, main, pointing to the firewall

-- learned route on M for all the routes behind R, or possibly some statics on M pointing towards R for these routes.

I hope this makes sense.