07-12-2021 11:55 AM
I'm working on isolating the management interface onto its own network. The firewall will be the router for this traffic and the network switch it connects to will be L2 only. If my management IP is 10.10.20.10/24 and the gateway is 10.10.20.1 where do I configure the gateway address 10.10.20.1 on the firewall? Is this created as part of the management interface routing table automatically? Or do I need to create it somewhere else?
07-12-2021 12:52 PM
Hello,
The way I prefer to create this is to use a trunk from the switch to the firewall (layer2) and then use a vlan interface as the layer3 gateway. The trunk allows for future flexibility (e.g. allowing additional vlans over the same wire). You will also need to add a static route in the virtual router so the PAN knows where to send the traffic, i.e. destination 10.10.20.0/24 interface vlan (MGMT), next hop = none.
Hope that helps.
07-12-2021 02:51 PM
Can I use a sub-interface for service routes as well?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
