Configuration of router and Firewall

Hi SonicWALL community,

I have a Cisco router configured with a public IP address and performing NAT.

I have installed the TZ370 behind the Cisco router, and firewall X0 is serving the LAN.

To be more precise, the router's out port is configured with the ISP.

The inside port is connected to the firewall X1 WAN interface, with 192.168.1.1 and 192.168.1.2 respectively.

Can you please guide me:

1) How can I create a static route between the firewall and the router?

2) Do I need static routing between my router and firewall?

3) If I need to allow outside traffic to the inside, how can I allow it? I mean, do I need to allow it on the firewall and the router, or only on the firewall?

Thanks for your reply.

Category: Entry Level Firewalls

Answers

  • TKWITS Community Legend ✭✭✭✭✭

    Is the Cisco Router absolutely necessary? A Sonicwall expects to have a publicly routable IP address on its WAN interface and may not perform as expected without a direct connection to the internet.

  • manish Newbie ✭

    Hi TKWITS,

    Thanks for replying. So the Cisco has been used for a long time; we can't remove it from our LAN.

    I am looking for solutions with the Cisco and the SonicWALL firewall working together, so I can also use SonicWall services like Global VPN and SSL VPN.

  • MitatOnge All-Knowing Sage ✭✭✭✭

    You should create a NAT rule for outside to inside, all ports.

    internet --> Cisco Router --> SonicWall X1 IP


    You can find the document "how to create NAT rule" below.


  • TKWITS Community Legend ✭✭✭✭✭

    "So the Cisco has been used for a long time; we can't remove it from our LAN."

    A device in use 'for a long time' means that no one has had the gumption to question its existence and necessity. I've pulled plenty of Cisco routers out because they weren't needed, and clients have said 'why was it there in the first place if it wasn't needed?'. My reply: I didn't install it so I can't answer that question.

    1. If the Sonicwall's WAN interface is using the Cisco's LAN IP as its default gateway, then that route exists.
    2. Technically, no, because the Sonicwall is also NATing all the traffic being sent to the Cisco.
    3. You would need to allow external traffic in through both the Cisco and the Sonicwall, since you are double NATing.

    Please refer to my first post again.
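
Point 3 of the answer above, as an added example that is not part of the original thread: a small Python model of the two NAT hops, showing that an inbound connection reaches the LAN only when both the Cisco and the SonicWall have a matching port forward, and listing router forwards that dead-end at the firewall. The public address 203.0.113.10, the LAN server 10.0.0.50, the ports and all names are constructed for illustration; firewall access rules are not modelled.

```python
from dataclasses import dataclass, field

@dataclass
class NatHop:
    name: str
    wan_ip: str
    forwards: dict = field(default_factory=dict)  # (proto, wan_port) -> (ip, port)

def trace_inbound(chain, proto, port):
    """Follow one inbound connection through every NAT hop, outermost first."""
    dst_ip, dst_port, path = chain[0].wan_ip, port, []
    for hop in chain:
        rule = hop.forwards.get((proto, dst_port)) if dst_ip == hop.wan_ip else None
        if rule is None:
            path.append(f"{hop.name}: DROP {proto} {dst_ip}:{dst_port}")
            return None, path
        path.append(f"{hop.name}: {dst_ip}:{dst_port} -> {rule[0]}:{rule[1]}")
        dst_ip, dst_port = rule
    return (dst_ip, dst_port), path

def audit(chain):
    """Classify each forward on the outer hop as end-to-end exposed or dangling."""
    exposed, dangling = {}, []
    for proto, port in chain[0].forwards:
        dest, _ = trace_inbound(chain, proto, port)
        if dest:
            exposed[(proto, port)] = dest
        else:
            dangling.append((proto, port))
    return exposed, dangling

# Constructed sample values: 203.0.113.10 (documentation range) stands in for the
# ISP address, 10.0.0.50 for a LAN server; 192.168.1.2 is X1 from the question.
def build(router_rule=True, firewall_rule=True):
    router = NatHop("cisco", "203.0.113.10")
    firewall = NatHop("sonicwall", "192.168.1.2")
    if router_rule:
        router.forwards[("tcp", 443)] = ("192.168.1.2", 443)
        router.forwards[("tcp", 8443)] = ("192.168.1.2", 8443)
    if firewall_rule:
        firewall.forwards[("tcp", 443)] = ("10.0.0.50", 443)
    return [router, firewall]

if __name__ == "__main__":
    for r, f in [(False, True), (True, False), (True, True)]:
        dest, path = trace_inbound(build(r, f), "tcp", 443)
        print(f"router={r} firewall={f} delivered={dest}\n  " + "\n  ".join(path))
    print(audit(build()))
```
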

  • ariyano Newbie ✭

    Hi,

    I'm not trying to hijack this thread, but my question is very similar to the actual question, so I guess this is the best place to ask.


    My setup is this (commands have been shortened to show only the related config):


    Cisco 1900 Router:

    gig 0/0 = 123.123.123.123/30 (p2p to my isp, it's a microwave link)

    ip nat outside

     ip address 22.22.22.41 255.255.255.248 secondary (Public IP)

     ip address 11.11.11.254/32 (Local lan)

    ip nat inside

    ip dns server

    ip nat pool CAFE 22.22.22.43 22.22.22.43 netmask 255.255.255.248

    ip nat inside source list 10 pool CAFE overload

    ip route 0.0.0.0 0.0.0.0 123.123.123.13

    dialer-list 1 protocol ip permit

    access-list 10 permit 11.11.11.0 0.0.0.255

    access-list 20 permit 62.171.181.153

    access-list 20 permit 5.189.162.239


    Sonicwall:

    X0 = Management

    X1 = 11.11.11.253(Wan)

    X2 = 33.33.33.33(local lan)


    My question here is: I would like all the public IPs to be routed from the Sonicwall. I want the Cisco router to act only as a bridge. All the NAT would happen on the Sonicwall. How do I achieve this?


    Should I assign one public IP to the X1 port on the Sonicwall? Would that publish my Sonicwall on the internet? And NAT accordingly?


    Any help on this will be highly appreciated.

    Thanks,

    Aj.
