Wednesday, May 6, 2020

Port Channels

Hoping there are some networking specialists in here who can help me out...

Customer has two WatchGuard M200s in an Active/Passive configuration, and in this configuration you need to have everything patched to both the M200s concurrently (e.g. LAN, DMZ, Internet, etc.) so that in a failure it will fail over within 1-2 packet drops.

#Primary Issue#

The customer has an NBN FTTP internet connection that has a single ethernet hand off from the NTD - this needs to be plugged into two M200s concurrently.

They have been plugging the ethernet hand off into a 5-port hub switch then having two other ports plug into the M200s.

They currently have stacked N3000 L3 POE switches that would be a much better use case than a non-managed / non-redundant hub switch.

Now I've configured the N3000s with a port channel (e.g. PO4) on the interfaces gi1/0/44-45 & gi2/0/44-45 with switchport access vlan 30 configured.

The concept was that you would plug in the ethernet hand off into gi1/0/44 then have gi1/0/45 & gi2/0/45 plugged into the M200s (gi2/0/44 in case gi1/0/44 dies, you simply move the ethernet hand off).

The issue is that when I plugged in these ports from the N3000s into the M200s, the interface is shown as failed on the WatchGuard.

I'm assuming that it might be because I've not configured the WatchGuard external internet interface with the VLAN ID and/or no link aggregation - would this be correct or is there anything else that needs to be considered?

(The ISP does not require a VLAN to deliver this service either, it would be an internal VLAN only)

Appreciate any help


