Hi Thomas,
What I wolud like to see:
- Output of "show vlan static 2"
- Output od "show port status"
- Output of "show mac vlan 2"
- Output of "show lacp"
Which type of box is this? Is routing enabled?
Give me the output of "show config router".
Kind regards
Reinhard
[email protected] schrieb:
Hi again,
I just ran into another interesting problem I actually have no solution for.
We are working with WAN Accelerators and two Firewalls running in
active/standby failover mode.
Normally we had only one firewall so setup was quite easy. From the C2
switch to the LAN port of the accelerator and from the wan port to the
inside port of the firewall.
Since we now have two firewalls we have to connect I thought of a simple
VLAN.
Connecting the switch port fe.1.39 to the lan port of the accelerator,
the wan port to, let’s say, fe.1.40 and the two inside interfaces of the
firewalls to fe.1.41 and fe.1.42.
For those three ports I have created a vlan
set vlan create 2
set vlan name 2 "Transit"
set port vlan fe.1.40 2 modify-egress
set port vlan fe.1.41 2 modify-egress
set port vlan fe.1.42 2 modify-egress
set port alias fe.1.39 "LAN Acc"
set port alias fe.1.40 "WAN Acc"
set port alias fe.1.41 "Inside-Primary FW"
set port alias fe.1.42 "Inside-Secondary FW"
When I try to ping or send any other packets it always fails.
I can see the ARP broadcast, requesting for the inside IP of the FW,
coming out of the WAN port of the accelerator, but I don’t see it coming
out of either port fe.1.41 or fe.1.42.
So the broadcast goes into the VLAN 2 but not exiting it…
I am pretty confused about this. Does anybody has an idea about this?
BTW, if I use a simple 5 port switch and connect all three “ports” it
works like a charm, it only fails with the VLAN configuration…
Bye
Tom
--
Thomas Hofmann, System-/Networkadministrator, IT
EB - Discover the Experience
Visitors: Am Wolfsmantel 46, 91058 Erlangen, Germany
Phone: +49 (9131) 7701 6969, mailto:[email protected]
Fax: +49 (9131) 7701 6333, http://www.elektrobit.com
<http://www.elektrobit.com/>
PGP-Key: http://keyserver.elektrobit.com <http://keyserver.elektrobit.com/>
Elektrobit Automotive GmbH, Am Wolfsmantel 46, 91058 Erlangen, Germany
Managing Director Otto Fößel
Register Court Fürth HRB 4886
----------------------------------------------------------------
Please note: This e-mail may contain confidential information
intended solely for the addressee. If you have received this
e-mail in error, please do not disclose it to anyone, notify
the sender promptly, and delete the message from your system.
Thank you.
* --To unsubscribe from enterasys, send email to [email protected]
<mailto:[email protected]> with the body: unsubscribe enterasys
[email protected]
--
Dipl.-Ing. Reinhard Strebler
Karlsruhe Institute of Technology (KIT)
Universitaet Karlsruhe (TH)
Steinbuch Centre for Computing (SCC)
Abteilungsleiter Netze und Telekommunikation (NET)
D-76128 Karlsruhe
Tel. +49(0)721 608-2068
Fax +49(0)721 32550
[email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
