Hi All,
I'm stuck in somewhat of a pickle and I cannot figure out why it is not working for the life of me.
So the setup is this:
PC ---> Layer 3 switch ---> Firewall ---> ISP managed router at Site1 ---> ISP managed router at Site 2 / other WAN sites
The layer 3 switch, firewall and ISP routers can reach site 2 and other WAN sites.
However, the PC and VLANs configured on the switch cannot see any of the sites at all. In fact, it cannot even ping the outside interface of the firewall (and all ICMP is allowed).
We have been given a 10.200.12.0/28 subnet by the ISP for our LAN side and we have asked them to set up a static route for our own site (10.10.0.0/20).
Router IP: 10.200.12.1
ROUTER 1 show ip route has:
S 10.10.0.0/20 [1/0] via 10.202.12.2, Bvi 1
C 10.200.12.1/28 is directly connected, Bvi 1
and a RIP route to our other sites
Firewall IP: 10.200.12.2 (WAN IP) 10.10.15.2 (Firewall Inside L3 IP)
Firewall show route has:
Gateway of last resort is 10.200.12.1 to network 0.0.0.0
S 10.10.0.0 255.255.240.0 [1/0] via 10.10.15.10, inside
C 10.0.1.0 255.255.255.0 is directly connected, statefailover
C 10.10.15.0 255.255.255.0 is directly connected, inside
C 10.200.12.0 255.255.255.0 is directly connected, WAN
S* 0.0.0.0 0.0.0.0 [1/0] via 10.200.12.1, WAN
Switch has 4 VLANs set up
VLAN10 - Servers 10.10.1.1
VLAN20 - Workstations 10.10.2.1
VLAN150 - Firewall Layer 3 10.10.15.10
VLAN 160 - Router uplink 10.200.12.3 255.255.255.240
Switch has 2 static routes set up
0.0.0.0 0.0.0.0 10.200.12.2
0.0.0.0 0.0.0.0 10.10.15.2
I cannot ping from VLAN10 and VLAN20 to any of our other WAN sites. In fact, VLAN 10 and 20 can't even ping the firewall's outside IP.
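Added example, not part of the original post: a mechanical consistency check over the routing entries exactly as typed above, flagging next hops that sit on no connected network, prefixes with more than one next hop, and subnets whose masks differ between devices. The device names, the function names and the /24 masks on the switch VLANs are assumptions made for the example, and a flagged entry may be a transcription slip in the post rather than the running configuration.

```python
import ipaddress as ip
from collections import defaultdict

# Tables transcribed from the post (connected entries written as network/prefix).
# Masks marked "assumed" are not stated in the post.
DEVICES = {
    "router": {
        "connected": ["10.200.12.0/28"],
        "static": [("10.10.0.0/20", "10.202.12.2")],
    },
    "firewall": {
        "connected": ["10.0.1.0/24", "10.10.15.0/24", "10.200.12.0/24"],
        "static": [("10.10.0.0/20", "10.10.15.10"), ("0.0.0.0/0", "10.200.12.1")],
    },
    "switch": {
        "connected": ["10.10.1.0/24", "10.10.2.0/24", "10.10.15.0/24",  # /24 assumed
                      "10.200.12.0/28"],
        "static": [("0.0.0.0/0", "10.200.12.2"), ("0.0.0.0/0", "10.10.15.2")],
    },
}

def unresolved_next_hops(dev):
    """Static routes whose next hop is not on any directly connected network."""
    nets = [ip.ip_network(n) for n in dev["connected"]]
    return [(p, nh) for p, nh in dev["static"]
            if not any(ip.ip_address(nh) in n for n in nets)]

def conflicting_prefixes(dev):
    """Prefixes that appear with more than one distinct next hop."""
    hops = defaultdict(set)
    for p, nh in dev["static"]:
        hops[p].add(nh)
    return {p: sorted(h) for p, h in hops.items() if len(h) > 1}

def mask_mismatches(devices):
    """Connected networks that overlap across devices but use different masks."""
    seen = [(name, ip.ip_network(n))
            for name, d in devices.items() for n in d["connected"]]
    return sorted({(a, str(x), b, str(y)) for a, x in seen for b, y in seen
                   if a < b and x != y and x.overlaps(y)})

if __name__ == "__main__":
    for name, dev in DEVICES.items():
        print(name, "unresolved:", unresolved_next_hops(dev),
              "conflicts:", conflicting_prefixes(dev))
    print("mask mismatches:", mask_mismatches(DEVICES))
```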