03-26-2017 12:14 PM - edited 03-26-2017 01:00 PM
Hey folks,
Newbie here. 🙂 I had this going successful before, but after a factory default, not working for me for some reason.
I've followed this helpful article before and worked on my first try, but not now for some reason.
IE browser will not resolve internet pages.
I can not ping the VLAN gateway IP of 192.168.32.172 from laptop for some reason. Any ideas?
I can ping the Mgmt interface IP 192.168.32.170, no problem.
Thought I would post my settings and see if anyone sees what I doing wrong?
My cabling and client laptop IP configured static.
Plugged in ethernet cable from ISP modem to 1/1. Successfully obtained a Dynamic Public IP.
Created Security Zones.
Created Vlan Object and assigned to interface 1/2.
Created vlan object in Trust-L3 Zone, assigned to Vlan Object, and assigned Internal IP address 192.168.32.172 (to be used as internal Gateway).
Using Default Virtual Router. You can see the routing entries for the public IP and VLAN IP.
Security rule created.
NAT rule created.
Internet Security Group profile created.
03-27-2017 12:47 AM
It looks like you have a single internal vlan?
The easiest way to configure that is to set up your physical interface to layer3 and then, depending on your switch port configuration put an IP on the interface itself (switchport access) or create a tagged subinterface (switchport trunk) with the IP of your choosing
layer2 interfaces are fine, but are more useful if you have a bunch of vlans on several switches that you want to bridge through the firewall 🙂
To be able to ping an interface on the firewall, you need to attach a management profile to the interface that allows ping (for sneaky stealthy reasons the interfaces don't respond to ping by default)
here's a bunch of articles and videos which may be helpful 🙂 Getting Started: The Series
03-27-2017 09:57 AM
Correct, yes 1 internal vlan for now. I was just trying to stick to the article example I was following to get it working intitially and go from there.
I will regroup and try again. Hopefully close this thread this week.
Thanks!
04-02-2017 12:58 PM
I tried it again, this time using the DNS server from Xfinity, instead of 8.8.8.8, working now.
I got ping going on the VLAN interface after assigning a management profile. I've since removed it (no ping) and internet working fine.
Thank you again for the responses. It's nice to come back to this post for reference.
I am training myself using product documentation, videos, live community, and bought my own used PA-200.
I will close this thread.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
