Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Lan to Lan router ios firewall

Hello, i want to install a router with two interfaces fastethernet between my Lan and a prolan as a firewall.

Lan-----Router/firewall----RouterProlan------Network's partners/RoamingUsers

I have configured only the routing and Nat without filtering but it don't work

I can ping only the network but no others networks in the prolan. And roaming users cannot access to Lan

Any help

It's 1721 router with a Cisco 4-port 10/100BASE-T Fast Ethernet Switch WAN Interface Card (WIC-4ESW)



Re: Lan to Lan router ios firewall

please provide a "show ip route" output.

please provide the source & destination addresses you're trying to get to communicate.

also, i dont see a proper network for VLAN1 begin serviced by OSPF.

your OSFP is servicing: and (network - (network

where is the VLAN1 network in ospf? if your source network is and you have no static routes on the other routers for this network, it should not work. you need to get OSPF to advertise

a better OSPF network entry could be:

network area 0 (advertise

network area 0 (advertise -


Re: Lan to Lan router ios firewall

oops...did i do my calculation right? verify plz...may have mistated this....

also, since your access-lists in use on the interfaces allow all IP, then remove them for a test without them to see if you get different results.

New Member

Re: Lan to Lan router ios firewall

I tought network area 0 is to advertise the /22 network isn't?

But i made a mistake here my network is /22

So opsf command should be network area 0 is it right?

I have the same problem with or without access-list

Also i have the same problem with a static route

For exemple Destination adress (host in the partner metwork via the prolan) Source address host /22

I have the problem, even if i enter an ip route prolan router). And i ve a default route ip route

Lan---------------routerfirewall--------Routerprolan F1 F0

The interface F1 is the first interface of the WIC-4ESW i ve plugged a cable from F1 to the Lan switches

I ve putted F1 in vlan 1 because i cannot enter an ip address to F1

is it correct config?