Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setup Router to work as a Switch 2

Status
Not open for further replies.
beatdown

beatdown

Technical User
Feb 27, 2005
85
US
This probably sounds a little crazy, but I'm wondering if there is a way to setup a Cisco router with two ethernet interfaces, to work as a switch, instead of as a router?

Here's what I'm trying to accomplish...

Our company has a wireless ISP (Airband Communications). They have a dish on our roof that connects via a CAT5 ethernet cable to our Watchguard firewall. The firewall is doing NAT. So there is no router involved in our setup.

I need to start analyzing traffic leaving/entering our network, and monitoring what users are doing on the internet. There is a great free tool for doing this, which uses Netflow outputs from your router. Problem is that we aren't using a router, and the Watchguard firewall doesn't have the ability to spit out Netflow data.

So I'm wondering if there is a way to put a Cisco router between the dish and my firewall, but give both ethernet interfaces public IP's from my block, and then have the firewall still do NAT...which effectively means the router would be acting as a switch, that can export Netflow data.

Can anybody tell me how to do this, or if you have any other suggestions about how to accomplish my goal?

FYI...replacing the Watchguard firewall with a Cisco box isn't an option...unfortunately it won't be that easy.

Thanks!
 
Sort by date Sort by votes
router>en
router#conf t
router(config)#no ip routing
router(config)#end
router#wr

Try that...

Burt
 
Upvote 0 Downvote
you can try irb bridging.

bridge 1 protocol ieee
bridge irb
bridge 1 route ip
!
interface ethernet 2
bridge-group 1
no ip address
!
interface ethernet 3
bridge-group 1
no ip address
!
interface bvi 1
ip address 192.168.1.1 255.255.255.0
ip flow ingress
!
ip flow-export X.X.X.X
ip flow-export source bvi 1
 
Upvote 0 Downvote
You can try bridging, however since no actual 'flows' will be happening I don't think there will be any usable netflow information. Try it but as I say I don't think its going to work.
It should be very easy to change the topology though, and put a routed segment between the Firewall and the Cisco router (/30) and use a couple of static routes. This way the Cisco router will be involved in each of the flows and will export the relevent Netflow information.

HTH

Andy
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
565
madwok
madwok
B
  • Locked
  • Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
212
badwolf1686
B
CPM86
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
304
CPM86
CPM86
jobsp90
  • Question
I have a issue in my office hospital network regarding using IPPBX software.
Replies
2
Views
236
DavetheChef
DavetheChef
Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
402
Luzbel
Luzbel

Part and Inventory Search

Sponsor

Back
Top