Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

getting problem for internet through router

Respected sir,

one of our client is having cisco 2800 series router and he is using internet through leaseline and also using firewall but his requirment is that if in future his firewall goes down then in that condition he wants to use the internet by giving static ip and gateway of router infact we had tried a lot for that by connecting router to switch instead of firewall but he is not getting internet but when i am taking the pc in public ip range then he gets the internet but the client wants the internet through private ip range. The following is his network connectivity.

router-firewall-switch-lan.

routers eth0/0 ip is 192.168.0.3

eth0/1 ip is public ip

his eth0/0 is connected to switch and eth0/1 is connected to firewall and firewall is connected to switch. In this way his internet is working properly but he wants internet without firewall but in private ip range.

5 REPLIES
Bronze

Re: getting problem for internet through router

The only options I would see is, if he wants automatic failover, to purchase an additional firewall and run in Active/Standby mode. If he's dead set against using the router if the firewall goes down, the router will need to get repatched to the local lan and re-ip addressed for the LAN to be able to talk to the router.

Why is the firewall going down to begin with?

Hope this helps, rate if it does,

JB

New Member

Re: getting problem for internet through router

I want to use Router's IP as a Gateway.

Also I want to use internet in following series; Router-Switch-LAN

don't want router-Firewall-switch-LAN.

Please give us solution on that.

Nikhil Suratwala

New Member

Re: getting problem for internet through router

the only option I can see is to connect the internet to a switch, and both the firewall and router to the switch. The other end of the router to another switch and the LAN. On the router you can use floating static default routes, primary to the firewall and secondary directly to the internet. Note that the router will have to NAT in this case. Also note that it is possible to bypass the firewall from the outside.

A dual (standby/active) firewall setup is much to prefer, although a router can do some basic protection with access lists and IP inspection (depending on IOS)

New Member

Re: getting problem for internet through router

Can you please give me another option.

Bronze

Re: getting problem for internet through router

What type of router? What software/feature set are you running? You can run router - switch - lan just fine. You'll need to enable NAT, Firewall/ACL and/or IDS. If you have an ISR most come with the SDM software. That should walk you through this process like a breeze. If not, there are still ways to do it, although I would recommend staying with the firewall. Let the router, route and the firewall be a firewall. Why are you trying to get rid of the firewall again?

Hope this helps, rate if it does,

JB

95
Views
0
Helpful
5
Replies