mike18
Level 7
Message 1 of 7

Firewall port directly connected to server with vlan



Hi Everyone,

We have a server directly connected to a firewall interface.

On the firewall interface we have a VLAN configured.

The server is assigned the gateway IP of the firewall interface.

From the server I was unable to ping its gateway.

From the firewall I was also unable to ping the server IP.

The subnet mask was configured correctly on the firewall and the server.

The interfaces on both devices were up and showed a green light.

Then I removed the VLAN info from the firewall interface.

After that the server was able to ping the firewall IP (the server's gateway).

Can someone tell me, if a device is directly connected to a firewall with a VLAN configured on the firewall interface, why ping does not work?

Regards

Mike

1 Solution

Accepted Solutions
sliedl
Level 14
Message 4 of 7

Re: Firewall port directly connected to server with vlan


The answer is you must set a VLAN tag on that server or use a switch which will VLAN tag the firewall traffic but leave the server traffic untagged.

6 Replies

Re: Firewall port directly connected to server with vlan


You must enable the server's NIC to use the same VLAN tag assigned on the Firewall interface. A second option is to use a switch, where you must create a VLAN with the same ID as the one used on the Firewall, then assign 2 ports in access mode, where the Firewall will be on one of the ports and the Server on the other.

mike18
Level 7
Message 3 of 7

Re: Firewall port directly connected to server with vlan


Can you please answer in English?

Regards

Mike

mike18
Level 7
Message 5 of 7

Re: Firewall port directly connected to server with vlan


Many thanks

Mike

Re: Firewall port directly connected to server with vlan


The server needs to mark the frames with the same tag ID that you use in your Firewall (802.1Q).


Example:

fw-server.gif


On Windows Server: Set VLAN ID on Windows 7 NIC

On Linux (Debian/Ubuntu): Set VLAN ID on Ubuntu NIC



EASIER:

fw-server.gif
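
Why the ping failed, as an added example that is not part of the original thread: a simplified Python model of how an interface configured for one 802.1Q VLAN treats untagged and tagged frames. The MAC address, VLAN IDs 100 and 200, and the function names are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vlan_id=None):
    """Build an Ethernet II frame, inserting an 802.1Q tag if vlan_id is set."""
    header = dst + src
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:
            raise ValueError("VLAN ID must be in 1..4094")
        # TCI = PCP (3 bits) | DEI (1 bit) | VID (12 bits); PCP/DEI left at 0
        header += struct.pack("!HH", TPID_8021Q, vlan_id)
    return header + struct.pack("!H", ethertype) + payload

def frame_vlan(frame):
    """Return the VLAN ID a frame carries, or None when it is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    return tci & 0x0FFF  # low 12 bits are the VLAN ID

def vlan_interface_accepts(frame, interface_vlan):
    """Simplified model: a VLAN interface only sees frames tagged with its ID."""
    return frame_vlan(frame) == interface_vlan

# Constructed sample values (assumptions, not taken from the thread)
FW_VLAN = 100
SRV_MAC = bytes.fromhex("020000000002")
BROADCAST = b"\xff" * 6
ARP = 0x0806
BODY = b"\x00" * 28  # placeholder for the ARP request body

SAMPLES = {
    "server NIC without VLAN": build_frame(BROADCAST, SRV_MAC, ARP, BODY),
    "server NIC tagged 100": build_frame(BROADCAST, SRV_MAC, ARP, BODY, FW_VLAN),
    "server NIC tagged 200": build_frame(BROADCAST, SRV_MAC, ARP, BODY, 200),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        verdict = "accepted" if vlan_interface_accepts(frame, FW_VLAN) else "ignored"
        print(f"{name}: vlan={frame_vlan(frame)} -> {verdict}")
```

The untagged ARP request never reaches the VLAN 100 interface in this model, which matches the symptom in the first post: link is up, addressing is correct, yet neither side answers.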

mike18
Level 7
Message 7 of 7

Re: Firewall port directly connected to server with vlan


Many thanks, Luis, for such a detailed answer.

Best Regards

Mike
