I've got a 3850 stack running IOS: Cisco IOS Software, IOS-XE Software, Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 03.06.04.E RELEASE
It's set up as an L3 switch with two Vlans (Voice & Data) and a default route to a WatchGuard Firewall cluster. The issue is the WG Firewall cluster appears to use VRRP so the mac-address for the cluster is:
With the switch in L3 mode I'm unable to get the Cisco to communicate with the WatchGuard cluster and if I try the old static ARP & static mac trick similar to what you use with Multicast NLB (for Windows) I get as far as the MAC entry then get the below:
mac address-table static 0000.5e00.0106 vlan 10 interface GigabitEthernet1/0/1 GigabitEthernet2/0/5
%Cannot configure a static entry for an address used by the router
At the moment I'm a bit stuck as I've had to set the clients' default gateway to be the WatchGuard directly as opposed to the 3850. I assume I can't add a static entry for the mac due to some internal logic in IOS XE about MAC and VRRP entries (in case I ever configured VRRP)?
It's purely a next hop IP at the moment, if I did it based on interface that would be difficult as the WG FW is in the same subnet (still doesn't ping). So the next hop interface could be one of two ports depending on which cluster member was active?
The switch is 172.27.21.254 and the WG is 172.27.21.1 both in Vlan10, the Vlan10 SVI should be the client default gateway.