Allow PC (s) in VLAN2 access to Internet in VLAN1

Home Page Forums Network Management Bridges and Routers Allow PC (s) in VLAN2 access to Internet in VLAN1

This topic contains 18 replies, has 0 voices, and was last updated by  rpottersr 6 years, 3 months ago.

Viewing 5 posts - 16 through 20 (of 20 total)
  • Author
    Posts
  • #52238

    rpottersr
    Member

    @redfive wrote:

    Of course…Add , as first rule in forward chain, Input * , Output ETH00, s.ip *, dest.ip 192.168.194.0/24 , state RELATED, ESTABLISHED, action ACCEPT .
    This is the first step for setting up a stateful firewall.. Try and post the result.
    bye

    Thank you, that allowed me access to a computer on VLAN2, but I’m still unable to access or ping any computers on VLAN3 and VLAN4.

    The results of the ping to VLAN3:

    C:UsersRobin>ping 192.168.2.1

    Pinging 192.168.2.1 with 32 bytes of data:
    Reply from 70.159.184.82: Destination net unreachable.
    Reply from 70.159.184.82: Destination net unreachable.
    Reply from 70.159.184.82: Destination net unreachable.
    Reply from 70.159.184.82: Destination net unreachable.

    Ping statistics for 192.168.2.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

    I get the same thing for VLAN4.

    Very confusing, since I’m really not a firewall admin, but very willing to learn and obtain the knowledge.

    Really appreciate all the help you have been giving me.

    #52239

    redfive
    Participant

    Seems that ZS isn’t the def-gw for all networks ….please, briefly describe the network topology…
    bye

    #52240

    rpottersr
    Member

    Ok…doesn’t make since cause the routing table is showing this:

    Destination Netmask Type Metric Gateway Interface Flags State Source
    10.10.0.0 255.255.255.248 Net 0 none VPN99 U Up Auto
    192.168.40.0 255.255.255.248 Net 0 none ETH00 vlan 4 U Up Auto
    192.168.20.0 255.255.255.0 Net 0 none ETH00 vlan 2 U Up Auto
    192.168.194.0 255.255.255.0 Net 0 none ETH00 U Up Auto
    192.168.2.0 255.255.255.0 Net 0 none ETH00 vlan 3 U Up Auto
    DEFAULT GATEWAY 0.0.0.0 Net 0 192.168.194.1 ETH00 UG Up Static

    #52241

    rpottersr
    Member

    I figured it out, and what a dummy I feel.

    When I initially created VLAN2 I had made an entry for the VLAN under local networks on my main server which is on VLAN1.

    So, when I created the other VLAN3 and VLAN4, I never created the local network entries on the main server.

    The entries look something like this

    Local Network:

    192.168.194.0/24 gw 192.168.194.1
    192.168.20.0/24 router 192.168.194.200 (VLAN2)
    192.168.2.0/24 router 192.168.194.200 (VLAN3)
    192.168.40.0/29 router 192.168.194.200 (VLAN4)

    No that the local network entries are in place, I’m able to ping the gateway address of all VLANs.

    With the firewall entry that you had me place in the 1 sequence yesterday, I’m able to access one computer on VLAN2, but I’m still unable to access a computer on VLAN3. Not worried about VLAN4 as of yet because I don’t have any VOIP phones setup for that as of yet.

    #52242

    bellerockz
    Member

    wow! this is an interesting topic!

Viewing 5 posts - 16 through 20 (of 20 total)

You must be logged in to reply to this topic.