Solved

watchguard x750e to external vlan

Posted on 2013-01-02
4
986 Views
Last Modified: 2013-01-03
We recently had to change our ISP router to use VLANs in order to split our public address space into 2 subnets.  Now I need to reconfigure the firewall (watchguard x750e) to use the VLAN (65) instead of the external address.  I know the firewall has VLAN capabilities, but I do not know how to configure it.  Any help or pointers would be most welcome.

original config  (ip #'s changed to protect the innocent):
ISP 1.2.3.4   firewall interface (external) 1.2.3.5 gateway 1.2.3.4

now:
ISP vlan65 (1.2.3.4)  firewall interface (vlan?) ?.?.?.?

thanks for the help.
0
Comment
Question by:dondegner
  • 2
4 Comments
 
LVL 42

Accepted Solution

by:
paulsolov earned 500 total points
ID: 38741211
I don't believe that you can do this on the 750, there are no vlan configuration tabs in WSM per WSM manual

http://www.watchguard.com/help/docs/v741WFSConfigurationGuide.pdf

If you do see a VLAN tab than it may be possible.

What you may be able to do is is get a switch and configure a switch port on vlan 65 then configure another switch port on vlan 65 and attach the watchguard, essentially define the vlan on the switch and keep the watchguard native format.

The newer Watchguard models such as the X22 do support VLANs
0
 
LVL 9

Expert Comment

by:Brian
ID: 38741423
Even if it is going to use VLAN 65 it still needs an address. The older models do not support VLAN tagging. Look at an XTM 25 or maybe an XTM 33. They have similar specs to the 750 and are not prohibitively expensive for most.
0
 

Author Closing Comment

by:dondegner
ID: 38742212
the docs show that the box will support VLAN's on trusted and optional interfaces, but not on the external interface.  An intermediary switch was the best solution.
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 38742300
Were you able to get the switch solution to work?  Just curious.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now