troubleshooting Question
Firewall training lab with layer 3 switch
Hello all,
I would like to set a firewall training lab in my lab environment.
Materials i have ;
2 Fortinet 60C utm device
1 HP 2910al switch
2 PC with 2 Network Card
The Internet gateway will be 172.16.20.1
switch config
============
hostname "utm_lab"
module 1 type J9145A
ip routing >>>>>>>> i have to run this command for inter vlan comm ?
vlan 1
name "DEFAULT_VLAN"
untagged 6-24
no untagged 1-5
no ip address
exit
vlan 10
name "VLAN10"
untagged 1
ip address 10.0.10.254 255.255.255.0
exit
vlan 20
name "VLAN20"
untagged 2
ip address 10.0.20.254 255.255.255.0
exit
vlan 30
name "VLAN30"
untagged 3
ip address 10.0.30.254 255.255.255.0
exit
vlan 40
name "VLAN40"
untagged 4
ip address 10.0.40.254 255.255.255.0
exit
vlan 50
name "VLAN50"
untagged 5
ip address 172.16.20.254 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 172.16.20.1 >>> any dest. if dont know the route
UTM 1
======
wan1 : 10.0.10.1/24
wan2 : 10.0.20.1/24
int : 10.0.100.1 / 24
UTM 2
=====
wan1 : 10.0.30.1 /24
wan2 : 10.0.40.1 /24
int : 10.0.200.1 /24
From 10.0.100.254 ( windows2008r2 ) PC i can reach to all vlan (10-50) but can't reach to 172.16.20.1 , what is wrong in this config ? any idea
How can i use my device to create a useful lab area in other way ?
Thanks
I would like to set a firewall training lab in my lab environment.
Materials i have ;
2 Fortinet 60C utm device
1 HP 2910al switch
2 PC with 2 Network Card
The Internet gateway will be 172.16.20.1
switch config
============
hostname "utm_lab"
module 1 type J9145A
ip routing >>>>>>>> i have to run this command for inter vlan comm ?
vlan 1
name "DEFAULT_VLAN"
untagged 6-24
no untagged 1-5
no ip address
exit
vlan 10
name "VLAN10"
untagged 1
ip address 10.0.10.254 255.255.255.0
exit
vlan 20
name "VLAN20"
untagged 2
ip address 10.0.20.254 255.255.255.0
exit
vlan 30
name "VLAN30"
untagged 3
ip address 10.0.30.254 255.255.255.0
exit
vlan 40
name "VLAN40"
untagged 4
ip address 10.0.40.254 255.255.255.0
exit
vlan 50
name "VLAN50"
untagged 5
ip address 172.16.20.254 255.255.255.0
exit
ip route 0.0.0.0 0.0.0.0 172.16.20.1 >>> any dest. if dont know the route
UTM 1
======
wan1 : 10.0.10.1/24
wan2 : 10.0.20.1/24
int : 10.0.100.1 / 24
UTM 2
=====
wan1 : 10.0.30.1 /24
wan2 : 10.0.40.1 /24
int : 10.0.200.1 /24
From 10.0.100.254 ( windows2008r2 ) PC i can reach to all vlan (10-50) but can't reach to 172.16.20.1 , what is wrong in this config ? any idea
How can i use my device to create a useful lab area in other way ?
Thanks
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.