Cisco Support Community

Route all traffic through HQ Firewall

I've got the following scenario (attached).

I would like to route all branch office traffic (including internet traffic) through the UTM Firewall at HQ.

Each site should establish an IPSEC tunnel with the Cisco 2821 back at HQ.

All internet traffic from the branch offices should pass through the UTM Firewall (NAT) before heading out to the internet.

1) Should the 2821 be configured to have an internet IP or should it sit behind the Firewall?

2) What would be the default gateway on the 2821 if it has its own internet IP?

3) In this scenario, how does the 2821 direct traffic out the UTM Firewall as opposed to out its own Internet-facing interface?

4) In the event of an internet outage at HQ, can I place 2 default routes (1 for HQ and 1 for local ISP) on the branch routers, or do I need an IP SLA for this?

Thanks for any input.

1 REPLY

Route all traffic through HQ Firewall

Hi Keith,

Please check the below thread discussing the same requirement.

https://supportforums.cisco.com/thread/2128940

hth

MS
