Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2531
Views
0
Helpful
1
Replies

FTD not pinging VLANs/Sub-ints on trunk port to SW (LAN only setup)

Go to solution
S3C
Level 1
Level 1

‎08-28-2020 01:47 AM - edited ‎08-28-2020 01:48 AM

FTD setup through both cli & FMC

Interface 1 conf:

5 sub-interfaces, each interface is VLAN ID + SubintID = 10,20,30,40,50

IP: 192.168.10.10, 192.168.20.10 etc

 

SW Setup CLI:

Interface 9:

Switchport mode trunk

switchport trunk allowed vlan 10,20,30,40,50

 

Interface 1 - 5: (each interface got 1 VLAN added. int 1 = VLAN10, int 2 = VLAN20 and so on)

Switchport mode access

Switchport access vlan 10

 

VLAN 10,20,30,40,50:

Got the same IP as the Sub-ints on the FW

---------------------------------------------------------------

Interfaces & VLANs are up, but cant ping from either device.

On FTD I have enabled ICMP & made ACLs totally open but no success.

 

This is the end idea:

Host -> VLANx/interfacex -> interface9 (trunkport) -> FTD -> FTD inspects packets & route it back to source host

 

What have I missed to conf or done wrong?

Any suggestions would be great

 

Also check attached for diagram.

Preview file
89 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
S3C
Level 1
Level 1

‎08-28-2020 05:47 AM

Just realized the FTD havent commited my changes of the sub-ints as its not licensed yet...closing discussion.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
S3C
Level 1
Level 1

‎08-28-2020 05:47 AM

Just realized the FTD havent commited my changes of the sub-ints as its not licensed yet...closing discussion.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card