Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Replacing A Firewall. Keep the same IP for new firewall

Posted on 2013-11-09
2
366 Views
Last Modified: 2013-11-09
I am replacing an existing Fortigate firewall that is currently at 10.1.201.2. I would like the new firewall to have the same ip address as the old firewall.

Before I replaced the old firewall, I verified that I could successfully ping it from a system with the ip address of 192.168.1.100

I configured the new firewall and first connected it directly to a PC with 10.2.201.99 (same subnet) address to verify that I could reach it via ping and via the admin interface of the new firewall so I know the configuration is correct.

I added the new firewall to our network by unplugging the old firewall and connecting the new firewall to the same port on the 3560 switch.

I added the hardware mac address of the new firewall to the 3560 switch using the commands:

configure terminal
mac-address-table static 0013.7233.b6ae vlan 201 interface fastEthernet 0/1
exit

Open in new window


and verified that the mac address was added using:
show mac-address table vlan

Open in new window


(I used Wireshark and ping to verify the mac address of the new firewall).

I can not ping the new firewall at 10.1.201.2 from 192.168.1.100 like I was expecting.

I would expect that If the new firewall is configured to use the same address as the old firewall and I added a static entry for the mac address to the switch that the switch would see the firewall.

Is there anything I am missing here?

Any suggestions?
0
Comment
Question by:Blackhawk_Church
2 Comments
 
LVL 9

Accepted Solution

by:
gt2847c earned 500 total points
ID: 39636138
Does the new firewall have a route for the 192.168.1.x network?  If it does not, it may be trying to reply to your ping out the wrong interface (default route)...  You may need to add a static route to your new firewall.
0
 

Author Comment

by:Blackhawk_Church
ID: 39636273
That did the trick!! Thanks.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
extend vlan through a layer 3 connection 31 163
Trunk Port 7 54
Home Router DHCP query 9 42
Password recovery 2960S 4 9
Do you have a computer or other electronic gear that is attached to a rat nest of cables, or alternatively have your cables all bundled nice at neat?  If so then read this post to sidstep common pitfalls. When I was a student at DeVry University,…
This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question