Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
835
Views
0
Helpful
6
Replies

Internet works from switch, No internet on system.

Rajan R
Level 1
Level 1

‎02-28-2020 09:34 AM

Hello, 

 

So we are trying to switch to new firewall hardware. Latest software. Same configs. No changes on our core. New firewall with test bed core switch works fine. So we try to go Live. Swapped cables, cleared arp. If I ping to internet from our core thru source vlans it works, but not from systems on the same vlan.

Any clues? Is this something to do with the firewall or the switch? 

Thanks

Labels:
0 Helpful
6 Replies 6

marce1000
VIP
VIP

‎02-28-2020 10:18 AM

 

 - Check the firewall logs for starters, especially blocked or dropped traffic, but also rule-matching for supposedly pass-thru traffic should be sanity-verified. If a rule should match and allow, then check logs and verify

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Rajan R
Level 1
Level 1
In response to marce1000

‎02-28-2020 11:16 AM

Thanks for your response.

 

There is nothing on the firewall logs. The same fw config works when i connect it a switch with same config as the core switch. Everything works fine there.

0 Helpful

Georg Pauwen
VIP
VIP

‎02-28-2020 11:26 AM

Hello,

 

which firewall do you have, an ASA ? Post the running configuration...

0 Helpful

Rajan R
Level 1
Level 1
In response to Georg Pauwen

‎02-28-2020 11:39 AM

It is a Fortigate. From every vlan interface on the switch the internet is reachable. "ping 8.8.8.8 source vlan xx" From the systems, nothing.

 

Thanks

Put the ASA to rest :(

0 Helpful

Georg Pauwen
VIP
VIP
In response to Rajan R

‎02-28-2020 11:52 AM

What can you ping from the Fortigate, the Vlan interfaces (I assume) and not the clients ? Post the running config of the switch, as well as the config of the Fortigate...

0 Helpful

Rajan R
Level 1
Level 1

‎08-22-2022 01:48 AM

This was a bug in the 4507 Switch. Had to add the vlan id along with the default route.

ip route 0.0.0.0 0.0.0.0 x.x.x.x vlan xx

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card