I've found various information online about how to do this, and I'm not sure what else to try. Before beating my head against the wall some more, I thought I'd share my config and hope someone can provide some insight. First, I'm still on SecurePlatform R60, so be nice!
Anyway, here is my firewall topology: Eth0 --> 3.3.3.1 / 255.255.255.0 / This network Eth1 --> 4.4.4.1 / 255.255.255.252 / External Eth2 --> 5.5.5.1 / 255.255.255.252 / This network Eth3.4 --> 1.1.1.1 / 255.255.255.0 / This network Eth3.5 --> 2.2.2.1 / 255.255.255.0 / This network No IP address on Eth3, so that is why it doesn't show up. My Google searching says that this is pretty much it as far as SPLAT config. This will send VLAN IDs 4 & 5 (via 802.1q encapsulation) down the wire physically attached to Eth3 interface. Ok, now the Cisco 3750 switch. I'm working with three interfaces on the switch. One is a trunk port that connects to the SPLAT Eth3 interface, and the other two are access ports; one for VLAN4 and the other for VLAN5: Trunk Port: interface GigabitEthernet2/0/1 switchport trunk encapsulation dot1q switchport trunk allowed vlan 4,5 switchport mode trunk Access port for VLAN4: interface FastEthernet1/0/17 switchport access vlan 4 switchport mode access Access port for VLAN5: interface FastEthernet1/0/18 switchport access vlan 5 switchport mode access No IP Addressing on the vlans as I want routing to happen through the gateway. Also, this switch is configured as VTP Server, but since I don't have access ports on other switches for VLAN4 & 5, VTP config shouldn't matter; at least that's what I think. PCs are plugged into the access ports, each configured appropriately: PC1 --> Fa1/0/17 (VLAN4) --> 1.1.1.2 / 255.255.255.0 PC2 --> Fa1/0/18 (VLAN5) --> 2.2.2.2 / 255.255.255.0 This should be it, but I see no evidence of any communication using PINGS and watching the SmartView Tracker. Please let me know if you see something terriibly wrong with my configuration. Thanks, Jason Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to lists...@amadeus.us.checkpoint.com in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email fw-1-ow...@ts.checkpoint.com ================================================= Scanned by Check Point Total Security Gateway.
