www.unix.org.ua

[f_mottini]

Hi,

i want to know if is correct this configuration for FWSM routeing.
i have a router 7200 with a lot of nekwork. Default route to internet a FWSM inside a Catalyst 6509. Catalyst and Rotuer use EIGRP to change routing table.

i use on the FWSM this routing is correct?
route outside 0.0.0.0 0.0.0.0 X.X.X.X 1
route inside 0.0.0.0 0.0.0.0 10.1.X.X 1

Where X.X.X.X is the ip of ISP router and 10.1.X.X 1 is the ip of the router.
Is correct?

Do you think is better to configure a ip to the VLAN XYZ interface on the switch and change route inside 0 0 --> ip vlan interface switch.
VLAN XYZ is the same vlan configured in the inside interface of FWSM

If my description is hard to understand say me something.


Thanks a lot best regards.

[giuslar]

i use on the FWSM this routing is correct?
route outside 0.0.0.0 0.0.0.0 X.X.X.X 1
route inside 0.0.0.0 0.0.0.0 10.1.X.X 1

Where X.X.X.X is the ip of ISP router and 10.1.X.X 1 is the ip of the router.
Is correct?

No, it isn't. You may use two default routes pointing to different IP next-hops out the SAME interface but not in this way.
for the inside you should be able to write some summary routes like

route inside 10.0.0.0 255.0.0.0 10.1.X.Y

eventually integrated with other static routes for other private IP addresses per RFC 1918 like

route inside 172.16.0.0 255.240.0.0 10.1.X.Y
route inside 192.168.0.0 255.255.0.0 10.1X.Y

in this way you should be fine


Hope to help
Giuseppe