Re: Routing & switching issues

DanielDK · ‎04-01-2019

Hello experts

We are a group of students who are setting up a small network and we are slowly losing it.

We aren't the best at networking, but we have been trying for a good number of days to make this setup work.

The problem is that when we are pinging around the network, we don't get anywhere and just can't figure out why, so we would love to get some feedback and some new eyes on our configuration.

https://cdn.discordapp.com/attachments/554958839481368578/562212604727001088/unknown.png

The link above will show our setup as it looks.

I will also put up our configs.

We thank you for any help that can be provided.

paul driver · ‎04-01-2019

Hello

After reviewing your topology and the files your attached it seems they don't relate, well not at present anyway.

By the looks of it MlSW0 and MLSW1 are your core switches which have L3 svi's for respective vlans 1, 10-15 , so i am assuming MLSW0/1 are suppose to be perfroming the inter-vlan communication and not the fortigate fw.

Now according to your topology diagram these two core switches are to be connected together via an aggregation portchannel and should run a first hop routing protocol (HRSP) between them for access layer resiliency I dont see hrsp applied yet.

Can you confirm a couple for things please?
1) Why are you using an IGP (ospf) do you want to run this at the access layer or just between the cores switchs and the fw?
2) What is the fortigate FW designated to do?
3) How will your clients assigned to these vlans be receiving ip address allocation - i dont see any dhcp server?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

DanielDK · ‎04-01-2019

Hey Paul, and thanks for the reply

1) We planned to just run the OSPF on the core switches & the Fortigate, so it could communicate together.

2) Well, we have the mail server connected to the Fortigate, as a DMZ zone, but I'm not sure I fully follow this question.

3) The plan is to connect the DHCP out on the Aruba switch, there should be a DHCP, ADDS & DNS, and a File/Print server out there, but we haven't placed them in the topology yet.

I hope that this might clear up your questions, else I'll gladly try to elborate or answer new ones, since my first answers might be inadequate.

Cheers

DanielDK

paul driver · ‎04-01-2019

Hello

Thank you for your reply,

So to clarify the cores will be providing the inter-vlan routing and the FW will be segregating the mail server into a DMZ.

What vlan will be used as the mgt vlan between the core and access switches and also the addressing between the cores and the FW.

Will the fws be providing any external routes to the core switches or do you just require a default route on each core switch pointing towards the FW?

What are these used for?
network 10.0.2.128 0.0.0.15 area 0
network 10.0.2.224 0.0.0.3 area 0
network 10.0.2.232 0.0.0.3 area 0

I suggest to focus on the intervlan routing first and once that is up and tested then look at off site contamination via you fw and the resiliency.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul