I am currently in the process of breaking one big corporate vlan into 3 smaller ones and am having issues with internet connectivity in my lab.
I am using an HP Layer 3 core that will support the 3 corporate vlans as follows:
vlan 10: Building 1 - vlan-interface10 -172.19.0.1/16 (current)
vlan 20: Building 2: vlan-interface20 -172.20.0.1/16 (future)
vlan 30: Building 3: vlan-interface30 - 172.30.0.1/16 (future)
The core has a Palo Alto firewall off of vlan 10 access port that all internet traffic currently passes through.
It's address is 172.19.0.10. The DHCP server is also on vlan 10 and has scopes for all 3 vlans (which are working).
All the LAN routing on the core is simple direct attach routes as everything comes back to the core's vlan-interfaces.
I can't seem to get vlan 20 or 30 to connect to the internet after adding a static 0.0.0.0/0 next-hop 172.19.0.10 route. VLAN 10 works fine.
If i am routing all internet traffic through 172.19.0.10 will it get NATed properly going through a VLAN 10 access port to the firewall's LAN (trust) interface?
Another thing is that i can ping the firewall LAN interface from vlan 10 but not the other vlans but i'm not sure if that is just a security rule.
I've read on using sub-interfaces or using a physical interface on the Palo alto for each vlan and put them all in the same security zone.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely.
Download Secure Shell:
Follow basic installation instructions:
Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…