0

I have the following topology working but I would like to be able to filter the traffic using a software router such as Zentyal.

Current: [INTERNET] === [Cisco 2600] === [Cisco Switch] === [Machines]

Proposed: [INTERNET] === [Zentyal] === [Cisco 2600] === [Cisco Switch] === [Machines]

The Cisco router is performing routing-on-a-stick on interface f0/1 and I set up a gateway of last resort to send traffic with unknown destination to interface f0/0 (connected to the Zentyal router) using the command ip route 0.0.0.0 0.0.0.0 f0/0.

Obviously the switch is using VLANs, which can ping each other.

The end devices cannot connect to the internet though and I'm not sure where/if I'm going wrong.

Z Holt

2 Answers

0

Your setup would work providing the Zentyal is a transparent bridge between the "Internet" and the interface connected to the "Cisco 2600".

Another way to do it would be to set the IP address of the Zentyal as the default gateway (gateway of last resort) on the Cisco and route via it. I've replaced your diagram with IP addresses below to give an idea of how it might be addressed.

[INTERNET] 1.2.3.4 [Zentyal] 10.0.0.1 === 10.0.0.2 [Cisco 2600] 192.168.1.1 === [Cisco Switch] === 192.168.1.* [Machines]

phil-lavin
  • Currently my setup looks like the following: [INTERNET] 1.2.3.4 [Zentyal] 192.168.150.1 === 192.168.150.2 [Cisco 2600] 192.168.100.1, 192.168.50.1, etc (VLAN subinterfaces) === [Cisco Switch] === 192.168.50.*, 192.168.100.* [Machines]. However I didn't bridge the connection between Zentyal but I set the last resort on the router to forward traffic out of the interface connected to the Zentyal interface – Z Holt Mar 28 '13 at 13:03
  • Ok. If the Zentyal isn't bridged, it will ignore traffic not directly routed to it. When your Cisco forwards packets to a gateway, it changes their destination MAC address to direct them to that gateway. In your case, packets won't be addressed to the Zentyal and unless it's bridged, it won't work. – phil-lavin Mar 28 '13 at 13:43
  • Cheers, I can only try this solution on Tuesday now with the Easter bank holidays. I'll report back then! Many thanks – Z Holt Mar 28 '13 at 13:56
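
A simplified model of the forwarding decision described in the answer and comments above, as an added example that is not part of the original thread: it compares the interface-only default route from the question with a default route via the Zentyal's IP and returns the address the router has to resolve with ARP in each case. The table format and function names are hypothetical, and 203.0.113.10 is a constructed Internet destination.

```python
import ipaddress

# Constructed addressing, copied from the diagram in the comments above.
CONNECTED = {
    "f0/0": "192.168.150.0/24",      # link to the Zentyal (192.168.150.1)
    "f0/1.50": "192.168.50.0/24",    # VLAN subinterface
    "f0/1.100": "192.168.100.0/24",  # VLAN subinterface
}

# The two ways of writing the gateway of last resort (hypothetical dict format).
INTERFACE_ONLY = {"iface": "f0/0", "next_hop": None}        # ip route 0.0.0.0 0.0.0.0 f0/0
VIA_ZENTYAL = {"iface": None, "next_hop": "192.168.150.1"}  # default via the Zentyal's IP


def build_table(default_route):
    """Connected routes plus one static default route."""
    table = [{"net": ipaddress.ip_network(net), "iface": ifname, "next_hop": None}
             for ifname, net in CONNECTED.items()]
    table.append({"net": ipaddress.ip_network("0.0.0.0/0"), **default_route})
    return table


def lookup(table, dst):
    """Return (egress interface, IP the router must ARP for), or None."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in table if dst in r["net"]]
    if not matches:
        return None
    best = max(matches, key=lambda r: r["net"].prefixlen)  # longest prefix wins
    if best["next_hop"] is None:
        # Interface-only route: the destination is treated as on-link,
        # so the router ARPs for the destination address itself.
        return best["iface"], str(dst)
    # Next-hop route: resolve the gateway through a connected network
    # and ARP for the gateway, not for the final destination.
    nh = ipaddress.ip_address(best["next_hop"])
    for r in table:
        if r["next_hop"] is None and r["net"].prefixlen > 0 and nh in r["net"]:
            return r["iface"], str(nh)
    return None  # next hop is not on any connected network


if __name__ == "__main__":
    for name, default in (("interface-only", INTERFACE_ONLY), ("via Zentyal", VIA_ZENTYAL)):
        print(name, lookup(build_table(default), "203.0.113.10"))
```

With the interface-only route the router ARPs on f0/0 for the Internet destination itself, which is only answered if the Zentyal bridges or proxy-ARPs; with the next-hop route the frame is addressed to the Zentyal's MAC.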
0

You may not have been able to make out my reply, so I have reposted it here.

Currently my setup looks like the following:

[INTERNET] 1.2.3.4 [Zentyal] 192.168.150.1 === 192.168.150.2 [Cisco 2600] 192.168.100.1, 192.168.50.1, etc (VLAN subinterfaces) === [Cisco Switch] === 192.168.50.*, 192.168.100.* [Machines]

However I didn't bridge the connection between Zentyal but I set the last resort on the router to forward traffic out of the interface connected to the Zentyal interface

Z Holt