cancel
Showing results for 
Search instead for 
Did you mean: 
mike18
Level 7
Report Inappropriate Content
Message 1 of 7

Firewall port directly connected to server with vlan

Jump to solution


Hi Everyone,

We have server directly connected to Firewall interface.

On firewall interface we have vlan configured.

Servers is assigned Gateway IP of firewall interface.

From server i was unable to ping its gateway.

From firewall also i was unable to ping the server IP.

Subnet mask was configured correctly on the Firewall and Server.

Interface at both devices were up and shows green light.

Then i removed vlan info from the firewall interface

After that server was able to ping the firewall ip(server's gateway.

Can someone tell me if device is directly connected to firewall with vlan configured on firewall interface then why ping does not work?

Regards

Mike

1 Solution

Accepted Solutions
sliedl
Level 14
Report Inappropriate Content
Message 4 of 7

Re: Firewall port directly connected to server with vlan

Jump to solution

The answer is you must set a VLAN tag on that server or use a switch which will VLAN tag the firewall traffic but leave the server traffic untagged.

6 Replies

Re: Firewall port directly connected to server with vlan

Jump to solution

Debes habilitar la NIC del servidor, para que este utilice el mismo tag de VLAN asignado en la interfaz del Firewall. Una segunda opción es utilizar un switch, donde debes crear una vlan con el mismo ID de la utilizada en el Firewall, luego asignar 2 puertos en modo acceso, donde en uno de los puertos estará el Firewall, y en el otro, el Servidor.

mike18
Level 7
Report Inappropriate Content
Message 3 of 7

Re: Firewall port directly connected to server with vlan

Jump to solution

Can you please answer in english

Regards

Mike

sliedl
Level 14
Report Inappropriate Content
Message 4 of 7

Re: Firewall port directly connected to server with vlan

Jump to solution

The answer is you must set a VLAN tag on that server or use a switch which will VLAN tag the firewall traffic but leave the server traffic untagged.

mike18
Level 7
Report Inappropriate Content
Message 5 of 7

Re: Firewall port directly connected to server with vlan

Jump to solution

Many thanks

Mike

Re: Firewall port directly connected to server with vlan

Jump to solution

The server needs to mark the frames with the same taq ID that you use in your Firewall (802.1q)


Ejm:

fw-server.gif


On Windows Server: Set VLAN ID on Windows 7 NIC

On linux (Debian/ubuntu): SET VLAN ID on  ubuntu NIC



MORE EASY:

fw-server.gif

Highlighted
mike18
Level 7
Report Inappropriate Content
Message 7 of 7

Re: Firewall port directly connected to server with vlan

Jump to solution

Many thanks luis for so detailed answer.

Best Regards

Mike

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community