Question

Locked

forwarding vlan traffic to firewall

By abhishek_verma ·
i want to forward my vlan traffic to external firewall so that nating done by the firewall.
my cutrrent configuration looks like this
Building configuration...

Current configuration : 4511 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname limat_nat
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$h2jm$8GNFs.V4tHbk3.ef6JO.q.
enable password limat
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
ip name-server 202.148.202.3
ip name-server 202.148.202.4
!
!
!
!
interface FastEthernet0/0
bandwidth receive 3000
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
description WIRE LAN $ETH-LAN$
bandwidth 348
encapsulation dot1Q 2
ip address 172.16.21.3 255.255.0.0
ip flow ingress
ip flow egress
ip nat inside
no snmp trap link-status
!
interface FastEthernet0/0.2
description WIRELESS LAN$ETH-LAN$
bandwidth 1000
encapsulation dot1Q 4
ip address 10.0.0.3 255.255.248.0
ip access-group 2 in
ip flow ingress
ip flow egress
ip nat inside
no snmp trap link-status
!
interface FastEthernet0/0.3
description CSE INTERNET LAB$ETH-LAN$
bandwidth 256
encapsulation dot1Q 3
ip address 192.168.3.1 255.255.255.224
ip flow ingress
ip flow egress
ip nat inside
no snmp trap link-status
!
interface FastEthernet0/0.4
description MBA LAB$ETH-LAN$
bandwidth 256
encapsulation dot1Q 6
ip address 192.168.2.1 255.255.255.224
ip flow ingress
ip flow egress
ip nat inside
no snmp trap link-status
!
interface FastEthernet0/0.5
description MANAGMENT$ETH-LAN$
bandwidth 256
encapsulation dot1Q 7
ip address 10.10.10.1 255.255.255.248
ip flow ingress
ip flow egress
ip nat inside
no snmp trap link-status
!
interface FastEthernet0/0.6
description LIBRARY$ETH-LAN$
bandwidth 256
encapsulation dot1Q 9
ip address 192.168.4.1 255.255.255.224
ip flow ingress
ip flow egress
ip nat inside
no snmp trap link-status
!
interface FastEthernet0/1
description INTERNET SERVICE PROVIDER$ETH-LAN$
bandwidth receive 3000
ip address 58.68.49.194 255.255.255.248
ip flow ingress
ip flow egress
ip nat outside
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 58.68.49.193
!
ip http server
ip nat inside source list 1 interface FastEthernet0/1 ove
ip nat inside source list 2 interface FastEthernet0/1 ove
ip nat inside source list 3 interface FastEthernet0/1 ove
ip nat inside source list 4 interface FastEthernet0/1 ove
ip nat inside source list 5 interface FastEthernet0/1 ove
ip nat inside source list 6 interface FastEthernet0/1 ove
!
access-list 1 permit 172.16.16.253
access-list 1 permit 172.16.16.254
access-list 1 deny 172.16.17.199
access-list 1 permit 172.16.16.36
access-list 1 permit 172.16.16.32
access-list 1 permit 172.16.16.33
access-list 1 permit 172.16.16.34
access-list 1 permit 172.16.16.35
access-list 1 permit 172.16.16.12
access-list 1 permit 172.16.21.8
access-list 1 permit 172.16.16.15
access-list 1 permit 172.16.16.9
access-list 1 permit 172.16.16.10
access-list 1 permit 172.16.21.14
access-list 1 permit 172.16.16.11
access-list 1 permit 172.16.21.1
access-list 1 permit 172.16.16.4
access-list 1 permit 172.16.16.5
access-list 1 permit 172.16.16.6
access-list 1 permit 172.16.17.1
access-list 1 permit 172.16.16.1
access-list 1 permit 172.16.16.2
access-list 1 permit 172.16.16.3
access-list 1 permit 172.16.17.2
access-list 1 permit 172.16.16.29
access-list 1 permit 172.16.16.30
access-list 1 permit 172.16.16.31
access-list 1 permit 172.16.16.26
access-list 1 permit 172.16.16.27
access-list 1 permit 172.16.16.22
access-list 1 permit 172.16.16.23
access-list 1 permit 172.16.16.16
access-list 1 permit 172.16.16.17
access-list 1 permit 172.16.16.18
access-list 2 permit 10.0.0.0 0.0.7.255
access-list 3 permit 192.168.3.0 0.0.0.31
access-list 4 permit 192.168.2.0 0.0.0.31
access-list 5 permit 10.10.10.0 0.0.0.7
access-list 6 permit 192.168.4.0 0.0.0.31
!
control-plane
!
banner motd ^C
******************************************
* Unauthorized access prohibited
******************************************
^C
!

Please help me

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Share your knowledge
Back to Networks Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums