Re: Two lan interface communication in firewall 5506

Tabish Hussain · ‎09-23-2023

Hi Team,

I want two LAN to communicate with each other which is connected directly to two ports of FW 5506.

FW port 1 - 192.168.1.0/24

FW port 2 - 192.168.100.0/24

Can someone help with the command to achieve communications between LANs.

Thankyou

MHM Cisco World · ‎09-23-2023

Make gw of host in these lan is FW IP

Config interface in FW with same secuirty level

Config same secuirty level intre interface

Tabish Hussain · ‎09-23-2023

Hi,

I stuck in some strange situation so i can ping from pc(192.168.100.2) to another pc(192.168.1.2) on different n/w but I(192.168.100.2) can not not ping different n/w gateway(192.168.1.1) that is configure on fw int. Please assist.

MHM Cisco World · ‎09-23-2023

That normal' FW not accept ping it interface through FW but can accept ping any host through FW.

You here want to ping from 100.2 to 1.2 but you cant ping FW interface 1.1.

That normal

The FW can only accept ping to interface from PC in same subnet.

Gopinath_Pigili · ‎09-23-2023

In firewall configure...security zone named INSIDE

Router(config)#zone security INSIDE

Move FW prot1 and port2 to the INSIDE Zone...

Router(config)#interface gigabitEthernet 1/1

Router(config-if)#zone-member security INSIDE

Router(config)#interface gigabitEthernet 1/2

Router(config-if)#zone-member security INSIDE

since both ports (port1&2) are in the samezone....

by default firewall allow the communication between two interfaces that belongs to the same zone...

I hope the above information is useful....

Thanks