Blackhawk_Church
asked on
Replacing A Firewall. Keep the same IP for new firewall
I am replacing an existing Fortigate firewall that is currently at 10.1.201.2. I would like the new firewall to have the same ip address as the old firewall.
Before I replaced the old firewall, I verified that I could successfully ping it from a system with the ip address of 192.168.1.100
I configured the new firewall and first connected it directly to a PC with 10.2.201.99 (same subnet) address to verify that I could reach it via ping and via the admin interface of the new firewall so I know the configuration is correct.
I added the new firewall to our network by unplugging the old firewall and connecting the new firewall to the same port on the 3560 switch.
I added the hardware mac address of the new firewall to the 3560 switch using the commands:
and verified that the mac address was added using:
(I used Wireshark and ping to verify the mac address of the new firewall).
I can not ping the new firewall at 10.1.201.2 from 192.168.1.100 like I was expecting.
I would expect that If the new firewall is configured to use the same address as the old firewall and I added a static entry for the mac address to the switch that the switch would see the firewall.
Is there anything I am missing here?
Any suggestions?
Before I replaced the old firewall, I verified that I could successfully ping it from a system with the ip address of 192.168.1.100
I configured the new firewall and first connected it directly to a PC with 10.2.201.99 (same subnet) address to verify that I could reach it via ping and via the admin interface of the new firewall so I know the configuration is correct.
I added the new firewall to our network by unplugging the old firewall and connecting the new firewall to the same port on the 3560 switch.
I added the hardware mac address of the new firewall to the 3560 switch using the commands:
configure terminal
mac-address-table static 0013.7233.b6ae vlan 201 interface fastEthernet 0/1
exitand verified that the mac address was added using:
show mac-address table vlan(I used Wireshark and ping to verify the mac address of the new firewall).
I can not ping the new firewall at 10.1.201.2 from 192.168.1.100 like I was expecting.
I would expect that If the new firewall is configured to use the same address as the old firewall and I added a static entry for the mac address to the switch that the switch would see the firewall.
Is there anything I am missing here?
Any suggestions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER