Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
395
Views
0
Helpful
0
Replies

Catalyst switch as DMZ not passing traffic to all IP's

jason00040
Level 1
Level 1

‎06-23-2020 12:07 PM - edited ‎06-23-2020 12:09 PM

I have a 3825 with 1 nme-xd-48es-2s-p and 1 hwic 4esw.  My ISP provides two public static IP's.  I want to come from the cable modem to a 3-port DMZ (on the 4ESW), pass one IP to my firewall and the other to a second firewall.  Basically, use the 4ESW as a dumb switch only.  Both firewalls are set up as static IP's and the public IP's are in the same /28 subnet so I don't see a need for layer 3 here.

 

When I connect all 3 to a new vlan only one of the firewalls pass traffic.  If I pull the 3 cables and put into a simple Netgear 5 port switch all traffic flows.  I suspect this is an arp issue somewhere, but I cant figure out for sure.

 

I've tried setting the DMZ vlan to no ip, a bogus ip, nothing helps.  My hunch is the Cox modem is taking the first 2 MAC's it sees and binding them to the two IP's, and one of those MACs is the vlan MAC maybe?

 

It does the same thing when I try to do this in the NME-XD too.

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card