Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


Configuration of router and Firewall

HI SonicWALL community

I have A cisco router configured with Public IP address and performing a NAT

I have install the TZ370 behind cisco router and Firewall X0 is serving for LAN

To be more precise Router out port is configured with ISP

Inside port connected with firewall x1 WAN interface with and respectively

can you please guide me

1)how can i create static route between firewall and router

2) do i need a static routing between my router and firewall

3) If need to allow outside traffic to inside how can allow , i mean do i need to allow on firewall and router or only on firewall

Thanks for you reply

Category: Entry Level Firewalls


  • Options
    TKWITSTKWITS Community Legend ✭✭✭✭✭

    Is the Cisco Router absolutely necessary? A Sonicwall expects to have a publicly routable IP address on its WAN interface and may not perform as expected without a direct connection to the internet.

  • Options
    manishmanish Newbie ✭


    Thanks for reply me back. So Cisco is being used for long time we cant remove from our LAN.

    I am looking for solutions with cisco and SonicWALL firewall working together so i can also use SonicWall services like Global VPN SSL VPN

  • Options
    MitatOngeMitatOnge All-Knowing Sage ✭✭✭✭

    You should create Nat rule for outside to inside all ports.

    internet --> Cisco Router --> SonicWall X1 Ip

    You can find out below document "how to create Nat rule"

  • Options
    TKWITSTKWITS Community Legend ✭✭✭✭✭

    "So Cisco is being used for long time we cant remove from our LAN."

    A device in use 'for a long time' means that no one has had the gumption to question its existence and necessity. I've pulled plenty of Cisco routers out because they weren't needed, and clients have said 'why was it there in the first place if it wasn't needed?'. My reply: I didn't install it so I can't answer that question.

    1. If the Sonicwalls WAN interface is using the Cisco's LAN IP as it's default gateway than that route exists.
    2. Technically, no because the Sonicwall is also NATing all the traffic being sent to the Cisco.
    3. You would need to allow external traffic in through both the Cisco and Sonicwall since you are double NATing.

    Please refer to my first post again.

  • Options
    ariyanoariyano Newbie ✭


    I'm not trying to hijack this thread, but my question is very similar to the actual question, so I guess this is the best place to ask.

    My setup is this: commands have been shorted, only to show related config.

    Cisco 1900 Router:

    gig 0/0 = (p2p to my isp, it's a microwave link)

    ip nat ouside

     ip address secondary (Public IP)

     ip address (Local lan)

    ip nat inside

    ip dns server

    ip nat pool CAFE netmask

    ip nat inside source list 10 pool CAFE overload

    ip route

    dialer-list 1 protocol ip permit

    access-list 10 permit

    access-list 20 permit

    access-list 20 permit


    X0 = Management

    X1 =

    X2 = lan)

    My question here is. I would like all the Public ips to be routed from Sonicwall. I want the cisco router to only act as a bridge. All the nat would happen on Sonicwall. How do I achieve this?

    Should I assign one Public IP to X1 port on sonicwall? should that publish my sonicwall on the internet? And nat accordingly?

    Any help on this will be highly appreciated.



Sign In or Register to comment.