Hi there,
Yes sorry I forgot to mention it is a bonded solution.
Yes that's correct, when plugging directly into the firewall with ANY computer it works fine.
OK, got it. Interesting issue indeed. So with the 24-port switch, how many VLANs do you have configured on it? You might have to trunk the firewall port to allow all VLANs access to it. It seems to me to be a routing issue. If you put a PC on the switch in the same VLAN as the firewall and set its IP information statically, can you ping or do anything?
I have about 23 VLANs configured. I believe it already is trunked as the connection currently works fine without the Firewall. I can't do that test as the connection is being highly used at the minute.
Wow, 23 VLANs on a 24-port switch? So you have each client on their own subnetwork? That sounds a little crazy to me.
Ohh, whoops! LOL. Still a lot of VLANs but shouldn't be an issue. Sounds like the firewall is the culprit here. I take it the firewall isn't currently hooked up due to this problem. Wish I knew more about that particular firewall. You may want to go over the firewall rules with a fine-tooth comb, and make sure all VLAN subnets are allowed to pass.
What's the default gateway when connected to the switch vs straight into the firewall?
When connected to the switch, can the PCs in the same VLAN connect to each other?
I have been over the firewall rules about a million times and they all seem okay to me.
I get some random 169.xxx.xxx.xxx gateway from the switch. When plugged directly into the firewall I get 84.xxx.xxx.xxx, which is what it should be.
Yes, they can see each other.
You don't happen to have DHCP server enabled on the switches do you? (assuming they support it) or another DHCP server that could be causing a conflict?
When logged on the switch can you ping the firewall?
Warning: If you don't have ICMP traffic allowed on the firewall you will not be able to ping the target.
DHCP uses port 67 and 68.
You should also have a firewall log to tell you what's being denied access and allowed access.
I don't think that would be the case, because the PCs would be getting an address from the switches' DHCP server. They're not getting an address because they're unable to connect to a DHCP server (the Firewall).