Hello! I am trying to put a FW 5506 inline (Routed Mode) between our corporate network and an ICS network controlled by a PLC. If I directly connect devices to the FW and assign their corresponding FW interface as the Default Gate Way traffic has no issues trans versing through the FW. However when placed inline as seen below I can only reach the 10.12.X.5 interface and nothing beyond it. I feel like a static route in the Router would help but I'm honestly a little lost. Any help would be greatly appreciated!
** Before this FW was placed inline I had NO issues reaching the PLC from the archive server. LOL
You fw doesn't know how to get to the destination address as it is on both sides of the firewall. You would need to be in non-routed mode for the layout you depict. I would recommend taking the 192.168.x.X network off the router, switch and firewall. Then you would have 1 network on either side of the firewall.
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where the spok...
On 24th August 2021, Cisco announced the latest IOS XE release - Cisco IOS XE Bengaluru 17.6.1a
IOS XE 17.6.1a unlocks various routing features and enhancements comprehensively covering different technology segments such as voice, security,...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where th...
SummaryRequirementsConfiguration StepsVerificationFAQTroubleshootingReferences & Tools
In the past when IOS 12.x was hot stuff we used MD5 to authenticate OSPF neighbors. This worked great on ethernet networks because OSPF is a m...
Chapter 1 – Pre-requisite
You have Root or Super Users access privileges of Cisco Prime Infrastructure.
You have access credentials of Cisco DNA Center.
You use Cisco Prime Infrastructure version 3.5 and above which is compatible with Cisco DNA Center v...