Solved

Replacing A Firewall. Keep the same IP for new firewall

Posted on 2013-11-09
2
354 Views
Last Modified: 2013-11-09
I am replacing an existing Fortigate firewall that is currently at 10.1.201.2. I would like the new firewall to have the same ip address as the old firewall.

Before I replaced the old firewall, I verified that I could successfully ping it from a system with the ip address of 192.168.1.100

I configured the new firewall and first connected it directly to a PC with 10.2.201.99 (same subnet) address to verify that I could reach it via ping and via the admin interface of the new firewall so I know the configuration is correct.

I added the new firewall to our network by unplugging the old firewall and connecting the new firewall to the same port on the 3560 switch.

I added the hardware mac address of the new firewall to the 3560 switch using the commands:

configure terminal
mac-address-table static 0013.7233.b6ae vlan 201 interface fastEthernet 0/1
exit

Open in new window


and verified that the mac address was added using:
show mac-address table vlan

Open in new window


(I used Wireshark and ping to verify the mac address of the new firewall).

I can not ping the new firewall at 10.1.201.2 from 192.168.1.100 like I was expecting.

I would expect that If the new firewall is configured to use the same address as the old firewall and I added a static entry for the mac address to the switch that the switch would see the firewall.

Is there anything I am missing here?

Any suggestions?
0
Comment
Question by:Blackhawk_Church
2 Comments
 
LVL 9

Accepted Solution

by:
gt2847c earned 500 total points
ID: 39636138
Does the new firewall have a route for the 192.168.1.x network?  If it does not, it may be trying to reply to your ping out the wrong interface (default route)...  You may need to add a static route to your new firewall.
0
 

Author Comment

by:Blackhawk_Church
ID: 39636273
That did the trick!! Thanks.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Broadband over Power Lines Broadband over Power Lines is the technology of transmitting computer data through power lines. This method of connectivity allows the user to have access to the internet without having to rely on additional cables, suc…
#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now