+ Post New Thread
Page 5 of 6 FirstFirst 123456 LastLast
Results 61 to 75 of 90
Wired Networks Thread, Using Smoothwall Express With a Cisco Layer 3 Switch? in Technical; But you have put ip route 0.0.0.0 0.0.0.0 192.168.0.1 - This will send all vlans to smoothwall? I dont want ...
  1. #61

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,841
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    But you have put ip route 0.0.0.0 0.0.0.0 192.168.0.1 - This will send all vlans to smoothwall? I dont want to send all of them

    Why cant i put this?

    ip route 172.20.1.0 255.255.255.0 192.168.0.1
    ip route 172.20.2.0 255.255.255.0 192.168.0.1

  2. #62

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    Quote Originally Posted by FN-GM View Post
    I want to specify the firewall for each vlan.
    Ok.

    It's client configuration time..

    You specify the DG as the firewall which must be plugged into the same vlan as the client.
    You Specify on the client static routes to the other vlans you want to access and put the gw as the IP of the vlan.

    Rob

  3. #63

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    Your going to have to draw up a full diagram as I am struggling to understand what your trying to achieve.

    What is the purpose of the Smoothwall?

    Rob


    Edit: Hold on just re referenced the diagram...
    Last edited by twin--turbo; 21st November 2012 at 06:02 PM.

  4. #64

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,841
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    Why cant i put this?

    ip route 172.20.1.0 255.255.255.0 192.168.0.1
    ip route 172.20.2.0 255.255.255.0 192.168.0.1

  5. #65

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    ip route 172.20.1.0 255.255.255.0 192.168.0.1
    ip route 172.20.2.0 255.255.255.0 192.168.0.1

    This tells the cisco that to get to any client on 172.20.1.0 that the next routing hop is the smoothwall. But in reality the cisco itself has these networks directly connected to it's vlan interfaces..

    to allow the clients to access the internet there must be a default gateway 0.0.0.0 0.0.0.0 which will send any networks it does not know about to the next hop.

    vlan interfaces are classed as directly connected routes so will take precedence over the DG.

    Rob

  6. #66

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    its the smoothwall that needs to know how to reach the 172,,, networks

    rob

  7. #67

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,841
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    ip route 172.20.1.0 255.255.255.0 192.168.0.1
    ip route 172.20.2.0 255.255.255.0 192.168.0.1

    This tells the cisco that to get to any client on 172.20.1.0 that the next routing hop is the smoothwall.
    Well thats all i need to know. I dont want to send any/all networks to the smoothwall.

    I i had another vlan pointing to another Smoothwall box or another firewall product i just stick an additional ip route in.

  8. #68

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    but your diagram shows the smoothwall as being the internet gateway

  9. #69

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,841
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    It is. But i still dont want to send all VLANS there.

  10. #70

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    Quote Originally Posted by FN-GM View Post
    Well thats all i need to know. I dont want to send any/all networks to the smoothwall.

    I i had another vlan pointing to another Smoothwall box or another firewall product i just stick an additional ip route in.

    the commands will fail or cause odd routing

  11. #71

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    It is. But i still dont want to send all VLANS there.
    then you need static routing on the clients to specify the hops to the other vlans. and their DG as their vlan firewall
    Last edited by twin--turbo; 21st November 2012 at 06:17 PM.

  12. #72

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,841
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by twin--turbo View Post
    then you need static routing on the clients to specify the hops to the other vlans. and their DG as their vlan firewall
    But why when i have a static route on the master switch? And if i set the DG as the firewall the Cisco wont be doing the routing.

  13. #73

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    How are you going to get internet traffic to go to the smoothwall?

    What static route do you have on the master switch?
    Last edited by twin--turbo; 21st November 2012 at 06:22 PM.

  14. #74

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,841
    Thank Post
    876
    Thanked 1,679 Times in 1,459 Posts
    Blog Entries
    12
    Rep Power
    444
    Isnt fully setup yet.

    I dont understand why you would need to set a static route on the clients if these static routes are setup on the switch

    ip route 172.20.1.0 255.255.255.0 192.168.0.1
    ip route 172.20.2.0 255.255.255.0 192.168.0.1

  15. #75

    twin--turbo's Avatar
    Join Date
    Jun 2012
    Location
    Carlisle
    Posts
    2,334
    Thank Post
    1
    Thanked 381 Times in 340 Posts
    Rep Power
    150
    because they won't work.
    your telling the switch that those addresses are available via the smoothwall.

    look at your first diagram.

    pretend your the cisco.

    cisco "hmm, how do i get to 172.20.2.5?"
    cisco "well my routes say that mr smoothy should be able to tell be, he's on 192.168.0.1"
    smoothie "sorry mr cisco, have no idea where they are nowt to do with me"
    cisco "oh!"



    without those two ip routes...
    cisco "hmm how do i get to 172.20.0.5?"
    cisco "ahh that subnet is directly connted on vlan 2, super i will fire the packed ou vlan 2"

SHARE:
+ Post New Thread
Page 5 of 6 FirstFirst 123456 LastLast

Similar Threads

  1. Smoothwall Express Error
    By netadmin in forum *nix
    Replies: 8
    Last Post: 9th October 2007, 07:44 AM
  2. Replies: 3
    Last Post: 19th January 2007, 11:06 AM
  3. Anyone recommend Smoothwall Express?
    By OverWorked in forum *nix
    Replies: 15
    Last Post: 26th January 2006, 11:37 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •