08-16-2017 01:35 AM - edited 03-05-2019 09:00 AM
Hi all,
I intend to implement a Fortigate 300D firewall in my current network. After connecting everything physically, the link from the ASR to the Fortigate can ping.
Given that there is no policy on the firewall, everything is allowed. The traffic from the server cannot route out of the ASR.
I have no idea how to route the traffic from L3 to L2.
Appreciate any advice. Have attached the network diagram and ASR config.
08-16-2017 02:52 AM
As per your diagram the following routes should be there:
1- The servers' GW is the firewall.
2- The firewall should have a default route pointing to the facing ASR interface.
3- The ASR should have a static route for the servers' IP addresses pointing to the firewall-facing interface.
Mo
08-16-2017 08:33 AM
Hi
As Mohammad mentioned, verify the static routes on the Fortinet; I remember they are in the Route section.
08-16-2017 08:13 PM
Hi all, the Fortigate is actually managed by my 3rd-party developer. They just want to tap on to our infra. I believe they will configure it, as they have used the same firewall in other deployments.
For the ASR part, I have added this route - ip route 202.14.200.0 255.255.255.0 203.116.154.186
But it still doesn't seem to work.
I'm suspecting the routing has to be done in the BGP portion?