Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Replacing A Firewall. Keep the same IP for new firewall

Posted on 2013-11-09
2
Medium Priority
?
395 Views
Last Modified: 2013-11-09
I am replacing an existing Fortigate firewall that is currently at 10.1.201.2. I would like the new firewall to have the same ip address as the old firewall.

Before I replaced the old firewall, I verified that I could successfully ping it from a system with the ip address of 192.168.1.100

I configured the new firewall and first connected it directly to a PC with 10.2.201.99 (same subnet) address to verify that I could reach it via ping and via the admin interface of the new firewall so I know the configuration is correct.

I added the new firewall to our network by unplugging the old firewall and connecting the new firewall to the same port on the 3560 switch.

I added the hardware mac address of the new firewall to the 3560 switch using the commands:

configure terminal
mac-address-table static 0013.7233.b6ae vlan 201 interface fastEthernet 0/1
exit

Open in new window


and verified that the mac address was added using:
show mac-address table vlan

Open in new window


(I used Wireshark and ping to verify the mac address of the new firewall).

I can not ping the new firewall at 10.1.201.2 from 192.168.1.100 like I was expecting.

I would expect that If the new firewall is configured to use the same address as the old firewall and I added a static entry for the mac address to the switch that the switch would see the firewall.

Is there anything I am missing here?

Any suggestions?
0
Comment
Question by:Blackhawk_Church
2 Comments
 
LVL 9

Accepted Solution

by:
gt2847c earned 2000 total points
ID: 39636138
Does the new firewall have a route for the 192.168.1.x network?  If it does not, it may be trying to reply to your ping out the wrong interface (default route)...  You may need to add a static route to your new firewall.
0
 

Author Comment

by:Blackhawk_Church
ID: 39636273
That did the trick!! Thanks.
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re like me and you like peace and quiet, saving money, and pretty lights, then this article is for you. For financial reasons, I buy all the Cisco equipment for my home lab second-hand. The first thing to wear out is usually one of the coo…
Do you have a computer or other electronic gear that is attached to a rat nest of cables, or alternatively have your cables all bundled nice at neat?  If so then read this post to sidstep common pitfalls. When I was a student at DeVry University,…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question