PPPoA bridge on 857 router?

rickrude11 · Jun 4, 2009

I have a FortiGate firewall behind a cisco 857 router, and rather than double-nat I would like to be able to bridge the interfaces on the 857 so that the public IP terminates on the Fortigate firewall. Yes they want the firewall for web filtering.

Is this possible? Surely it is.

cheers all.

burtsbees · Jun 6, 2009

Yes, with IRB. You create a bridge-group and assign that bridge group to the WAN and LAN interfaces of the router (or in this case, outbound and inbound, not WAN/LAN)...here's a good sample...

http://www.akadia.com/services/bridged_cisco_router.html

HTH

/

rickrude11 · Jun 6, 2009

This is an atm interface, and has to authenticate the ppp session. I have been researching half-bridging, and this is what I need to use. On the dialer interface, the command ppp bridge ip enables half-bridging, but I haven't had any success yet. I only have 1 dynamic IP assigned by the isp.

I have tried bridging vlan1, dialer0, and atm0, but only the vlan interface actually appears in the show bridge output.

My fail option is to create a 1 to 1 nat to the firewall, but this is not the best. I want to terminate a couple of IPSec tunnels on the firewall. I could always put the tunnels on the cisco, but it is still ugly.

cheers

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

PPPoA bridge on 857 router?

rickrude11

IS-IT--Management

burtsbees

Programmer

rickrude11

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor