Wednesday, February 27, 2019

FortiGate Network Connections

We are using an FG60E for a specific set of traffic we are routing out of one of our remote locations. We don't want this traffic to route back over our Corporate WAN. This is working with no problems.

We broadcast an SSID with a particular VLAN. This traffic is sent to the FG60E and sent out through the WAN port to the internet. This is done using LAN1 for the internal traffic and sent out over WAN1.

Internally we have a Solarwinds server that receives netflow data from all of our routers. We would like to report on the traffic going out of this firewall to validate and track use, capacity plan, etc. For this my thought was to use another LAN port that we allow onto our network. LAN4. LAN4 will be receiving a DHCP reservation from the onsite DHCP server and thus be on our network. Netflow stats will be sent to our netflow server through this port.

Here is where we get issues. Netflow works just fine. When LAN4 gets connected to the network I can connect to the FG60E over the IP of LAN4. However, traffic going over the SSID VLAN loses its connection to the internet once that connection is made.

I've been beating my head against a desk trying to figure out why this won't work. Out of blind luck we had it working for a few weeks then it all of a sudden stopped. I have been thinking it is a policy issue on how traffic is routing. I've tried every variation I can think of to make it work though.

I'd be grateful for any suggestions or thoughts on what I might check.
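As an added illustration (not part of the original post), the FortiOS CLI below shows the routing check and the interface settings I would look at first when an interface that takes its address by DHCP starts competing with the WAN1 default route. The behaviour it relies on is a general FortiGate one: a DHCP-client interface installs the DHCP-supplied gateway as a default route (administrative distance 5, lower than the 10 of a static default) unless told not to, so bringing such a port up can replace the WAN1 default route or, if WAN1 is also DHCP, turn the two into equal-cost routes. The interface names `internal4` and `wan1`, the collector address, the source address and the port are assumed placeholders, and the `#` lines are annotations to strip before pasting.

```text
# Constructed example, not from the post: names and addresses are placeholders.
# 1. Inspect the active routing table while LAN4 is connected. Look for a
#    second default route (0.0.0.0/0) learned via LAN4 next to, or instead of,
#    the WAN1 one. A DHCP-learned default has distance 5, a static default 10,
#    so the DHCP one is preferred and the SSID traffic stops leaving via WAN1.
get router info routing-table all

# 2. Keep the DHCP reservation on LAN4 for management and NetFlow, but stop
#    the port from installing a default gateway at all.
config system interface
    edit "internal4"            # assumed name for the port called LAN4 in the post
        set mode dhcp
        set defaultgw disable   # take the address, not the default route
        set allowaccess ping https ssh
    next
end

# Alternative if a gateway on LAN4 is wanted as a fallback: keep it, but give
# it a distance above the WAN1 default so it only becomes active if WAN1's
# route disappears.
config system interface
    edit "internal4"
        set mode dhcp
        set defaultgw enable
        set distance 20         # higher than the static/WAN1 default
    next
end

# 3. Point NetFlow at the collector and source it from LAN4's address so the
#    reporting path does not depend on which default route is active.
config system netflow
    set collector-ip 10.0.0.50  # placeholder collector address
    set collector-port 2055
    set source-ip 10.0.0.20     # placeholder: LAN4's reserved address
end
config system interface
    edit "wan1"
        set netflow-sampler both
    next
end

# 4. Confirm the SSID VLAN traffic leaves on wan1 again (verbose 4 prints the
#    ingress and egress interface for each packet).
diagnose sniffer packet any 'host 8.8.8.8' 4
```

After step 2 the routing table should show a single active default route via wan1; if the SSID VLAN still cannot reach the internet, the next thing to check is the firewall policy from the VLAN interface, which must name wan1 (not the LAN4 port) as its outgoing interface with NAT enabled.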
