1601 in passthru mode

[billmx]

I don't know if there is such thing as passthru mode, but I have a 1601 connected to our ISP that has NAT, Access lists, etc setup. I want to move all this functionality to a Sonicwall that will sit behind the cisco. I will need to direct external traffic looking for one of our servers through to the sonicwall. Will a configuration like this work to have the cisco in "pass thru" mode ?

Thanks,
Bill



!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname companyinc
!
enable secret xxxxxxxxxxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxx
!
username companyinc password
ip subnet-zero
no ip source-route
no ip finger
!
!
!
interface Ethernet0
ip address xxx.xxx.xxx.187 255.255.255.248
no ip directed-broadcast
no ip proxy-arp
ip nat inside
no cdp enable
!
interface Serial0
description *********** WAN interface if using Serial ***********
ip address xxx.xxx.xxx.186 255.255.255.248
no ip directed-broadcast
no ip proxy-arp
ip nat outside
encapsulation frame-relay IETF
no fair-queue
frame-relay interface-dlci 16
frame-relay lmi-type ansi
!

!
no ip forward-protocol udp bootpc
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.185

!
!
no cdp run
snmp-server community public RO
!

!
end

 

[KiscoKid]

It sounds like you just want your router to be .. a router I guess. Your config has NAT statements so you don't need any of that. It does of course mean your router will be public facing and will need a public address. Presumably you'd want your sonicwall to attach directly to the ethernet port on your router. Your sonicwall will need a public address too. You could entertain running ip unnumbered on the WAN interface (borrow the public address from your router's ethernet interface), then your sonicwall can be assigned a public address from the same subnet as the router and the upstream WAN ISP device.

 

[PeterHurst]

Alternatively put the router into Bridge mode and bridge E0 and S1 so you can use all the IP'S on the Sonicwall.

You wouldn't need an IP on the cisco at all if you use console for management.

at a rough guess - although I haven't tried bridging frame relay..


version 12.1
ip subnet-zero
no ip routing
no ip finger
no ip domain-lookup
!
interface Ethernet0/0
no ip address
no ip redirects
no ip proxy-arp
no ip route-cache
half-duplex
no cdp enable
bridge-group 1
!
interface Serial0/0
no ip address
no ip route-cache
encapsulation frame-relay IETF
no fair-queue
frame-relay interface-dlci 16
frame-relay lmi-type ansi
no cdp enable
bridge-group 1
!
ip classless
no ip http server
!
!
no cdp run
bridge 1 protocol ieee
!
end

 

[billmx]

Thanks for the info. I am going to try to run the cisco in bridge mode following the intructions from Peterhurst. One question on that config though .... do I need to specify half-duplex on ethernet 0 ?

thanks,
Bill

 

[billmx]

Ok ...... I can't seem to get this working in bridge mode. I can't even ping the isp's router so I don't think any traffice at all is going through the cisco router. Here is the running-config and maybe someone can see what is wrong. Thanks !

Bill


!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname companyname
!
enable secret xxxxxxxxxxxxxxxxx
enable password xxxxxxxxxxxx
!
username companyname password xxxxxxxxxxxxxxxxxxxxxxxx
ip subnet-zero
no ip source-route
no ip routing
no ip finger
!
!
!
interface Ethernet0
no ip address
no ip redirects
no ip directed-broadcast
no ip proxy-arp
no ip route-cache
no cdp enable
bridge-group 1
!
interface Serial0
no ip address
no ip directed-broadcast
no ip proxy-arp
encapsulation frame-relay IETF
no ip route-cache
no fair-queue
frame-relay interface-dlci 16
frame-relay lmi-type ansi
bridge-group 1
!
!
ip classless
no ip forward-protocol udp bootpc
!
no cdp run
snmp-server community public RO
bridge 1 protocol ieee
!