Failing to connect Second LAN SA520W from broadband router.

Shark_es2003 · ‎02-17-2020

Hi all.

I'm trying to implement a network topology based on the next schema:

INTERNET ----> NAT DOMESTICAL Broadband router ---> LAN1 ---> NAT Cisco SA520W ---> LAN2

Problems become when I try to reach LAN2 from LAN1. LAN2 have Internet access (is a must), but is impossible for me to connect to LAN 2 to manage it from LAN1.

I can´t remove or bridging Broadband router, because Wifi is better than SA520W.

LAN1 IP addressing is: 192.168.1.0/24 - GW: 192.168.1.1

LAN2 IP addressing is: 192.168.75.0/24 - GW: 192.168.75.1

Although all SA520 firewall ports are open (with a rule UNSECURE to SECURE, service: ANY, Allow always, IP destination: the service I want to manage, port: the corresponding to the service, I'm not able to reach LAN2.

Any suggestions or ideas?

Many thanks

Any suggestions about what could be the problem?

Georg Pauwen · ‎02-17-2020

Hello,

there needs to be a common subnet between Lan 1 and Lan 2 in order to get from Lan 1 to Lan 2. What IP address are you trying to use to connect to the SA520W ?

Shark_es2003 · ‎02-18-2020

Hi. Thanks for your response.

First of all let me attach a graph file to describe correctly the real
installed topology.

Originally the admin web of SA520W (https://192.168.75.1) was not reached.

Once I added a static route like this on the broadband router:

*192.168.75.0/24 Interface LAN Gateway
192.168.1.253*

I became to reach the web admin page, but no other LAN2 device / service is
reachable from LAN1.

Of course I added a rule into the SA520 firewall:

*FROM: Unsecure Zone (WAN) TO Secure Zone (LAN),* *Service: Any*, *Permit
All, IP destiny*

Many thanks.

Georg Pauwen · ‎02-18-2020

I don't see any attachments ? Do you have a schematic drawing ?

Shark_es2003 · ‎02-18-2020

Sorry, I missed the attached file.

https://1drv.ms/u/s!AuWAi94-bd7whrUK7MeRfnwEVeXNhw?e=QUR3yG