Re: Communication across VLANs

networkingNewb · ‎01-04-2025

Hi community,

I am working on a new project and getting stuck on the communications across vlans. I would like my PCs across the networks to communicate, ie those on the left to be able to ping the computer on the right (for example the PC in red should be able to communicate with the PC in green). It was working well for a while but it suddenly stopped working. I am a new to networking so I'm not sure where I am going wrong. Is it due to the NAT in my firewall?

I'd appreciate any help on this. I've attached my packet tracer file for reference. Thank you!

Flavio Miranda · ‎01-04-2025

@networkingNewb

It seems the problem is related to the firewall HQ_Firewall showing the network 200.10.3.0 as directly connect on its interface, when, in fact, it should not.

This will cause the firewall to not route packet for network 200.10.3.0 towards 200.10.3.173 in order to reach the final destination which is vlan 10.

C 200.10.3.0 255.255.255.240 is directly connected, DMZ, GigabitEthernet1/3

C 200.10.3.0 255.255.255.252 is directly connected, inside1, GigabitEthernet1/1

is directly connected, inside2, GigabitEthernet1/2

is directly connected, outside, GigabitEthernet1/4

The network is also received via OSPF, but, the local interface will have preference.

O 200.10.3.0 255.255.255.192 [110/2] via 200.10.3.169, inside1, 00:03:00, GigabitEthernet1/1

[110/2] via 200.10.3.173, inside2, 00:03:00, GigabitEthernet1/2

networkingNewb · ‎01-04-2025

Hi @Flavio Miranda, thank you for the insight! Any ideas on how I can rectify this? How do I remove the 200.10.3.0 connection on the firewall? Is it due to the dynamic NAT configured on the firewall?

Flavio Miranda · ‎01-05-2025

@networkingNewb

You can use a different network for vlan 10.

Flavio Miranda · ‎01-05-2025

@networkingNewb

I change Vlan 10 from 200.10.3.0 to 200.10.10.0 and it works now.

If you need anything else, let me know. Congrats on your work by the way. Very complex topology.