Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
3
Replies

Lan to Lan router ios firewall

habbas.ali
Level 1
Level 1

‎07-25-2006 09:48 AM - edited ‎03-03-2019 01:27 PM

Hello, i want to install a router with two interfaces fastethernet between my Lan and a prolan as a firewall.

Lan-----Router/firewall----RouterProlan------Network's partners/RoamingUsers

I have configured only the routing and Nat without filtering but it don't work

I can ping only the 192.168.51.0 network but no others networks in the prolan. And roaming users cannot access to Lan

Any help

It's 1721 router with a Cisco 4-port 10/100BASE-T Fast Ethernet Switch WAN Interface Card (WIC-4ESW)

Thanks

Labels:
Preview file
4 KB
0 Helpful
3 Replies 3

gpulos
Level 8
Level 8

‎07-25-2006 10:03 AM

please provide a "show ip route" output.

please provide the source & destination addresses you're trying to get to communicate.

also, i dont see a proper network for VLAN1 begin serviced by OSPF.

your OSFP is servicing:

10.166.50.0/24 and (network 10.166.50.0 0.0.0.255)

10.166.0.0 - 10.166.3.255 (network 10.166.0.0 0.0.3.255)

where is the VLAN1 network 10.166.10.0/22 in ospf? if your source network is 10.166.10.0/22 and you have no static routes on the other routers for this network, it should not work. you need to get OSPF to advertise 10.166.10.0/22.

a better OSPF network entry could be:

network 10.166.50.0 0.0.0.255 area 0 (advertise 10.166.50.0/24)

network 10.166.10.0 0.0.3.255 area 0 (advertise 10.166.10.0 - 10.166.13.255)

0 Helpful

gpulos
Level 8
Level 8
In response to gpulos

‎07-25-2006 10:16 AM

oops...did i do my 10.166.0.0 0.0.3.255 calculation right? verify plz...may have mistated this....

also, since your access-lists in use on the interfaces allow all IP, then remove them for a test without them to see if you get different results.

0 Helpful

habbas.ali
Level 1
Level 1
In response to gpulos

‎07-27-2006 05:10 PM

I tought network 10.166.0.0 0.0.3.255 area 0 is to advertise the 10.166.0.0 /22 network isn't?

But i made a mistake here my network is 10.166.8.0 /22

So opsf command should be network 10.166.8.0 0.0.3.255 area 0 is it right?

I have the same problem with or without access-list

Also i have the same problem with a static route

For exemple Destination adress 192.168.53.7 (host in the partner metwork via the prolan) Source address host 10.166.11.30 /22

I have the problem, even if i enter an ip route 192.168.53.0 255.255.255.0 10.166.50.1(the prolan router). And i ve a default route ip route 0.0.0.0 0.0.0.0 10.166.50.1

Lan---------------routerfirewall--------Routerprolan

10.166.8.0/22 F1 F0 10.166.50.1

The interface F1 is the first interface of the WIC-4ESW i ve plugged a cable from F1 to the Lan switches

I ve putted F1 in vlan 1 because i cannot enter an ip address to F1

is it correct config?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card