| Author |
SonicWall 3060 and Cisco 2611
|
|
| shernandez0 2005-04-05, 1:51 pm |
| I am configuring SonicWall 3060 for VPN access and using a Cisco 2611. I am not too familiar with Cisco but wanted to know if anyone can tell me how to forward ipsec traffic to a port on sonicwall? I was told I will need enable ip protocol 50 in order for it to work. Can anyone tell me what the commands are for Cisco?
Thanks!! | |
| larkspur 2005-04-06, 9:24 pm |
| Ditch the Sonicwall and do rexive acl's on te 2611. You can control ports with and forwardig with it. | |
| shernandez0 2005-04-06, 10:13 pm |
| I was told that I will need to configure the clients to point to the Cisco's public ip and then configure cisco to forward ipsec traffic to sonicwall in order to work. I am not sure how to do this and what commands used to configure Cisco. Any ideas? I can't ditch the Sonicwall if we already have it, that is not a choice. I'm wondering if anyone has configured this before that may have an opinion.
Thanks,
Sergio | |
| larkspur 2005-04-08, 11:56 am |
| what IOS version are you running? | |
| shernandez0 2005-04-08, 12:01 pm |
| I have version 12.2 | |
| larkspur 2005-04-20, 10:32 pm |
| sorry it took long to get back.
If you had a VPN mod for your router that could work. but that is not what you are asking.
So you could apply an ACL that will only pass the ipsec traffic directly to the SONICWALL.
make sense?
is the sonicwall in the DMZ? | |
| shernandez0 2005-04-21, 2:22 am |
| That's correct and I don't have the sonicwall on the DMZ. I have the sonicwall configured to a catalyst switch and then back to the router. The router is configured with a static public ip from provider and we then use another provider for a range of public ip's which we nat to internal ip addresses on our network. One of those public ip's is used for the sonicwall right now. But, i was told to use the router's public ip and then have the router forward ipsec traffic to the SonicWall's port. it's pretty confusing as to how we have our network configured but, I need to have this box working for both firewall and vpn.
Let me know your thoughts.
Thanks,
Sergio | |
| larkspur 2005-04-25, 11:57 pm |
| I am trying to get a visual of the setup.
So the sonicwall sits directly behind the border router(internet router)?
You are using the VPN feature of the sonic wall or you using the VPN and FW features?
The sonicwall and border router both connect into the switch?
The switch would be consderedyoru external switch, if you will?
Sorry for the questions I am trying to get a better ubderstand.
My VPN concentrator has two ints so it is a little easier. I have one pointing externaly and the other internaly which appears to be the same as you. Why do you want your router to pass the IPSEC traffic to the sonicwall? The config you have now seems ok. |
|
|
|