Solved: L2 switch management

a.alyahia · ‎06-22-2020

i have a layer two switch with vlan 30 connected to a firewall as its gateway

i configured an svi on vlan 30 to be able to manage it

i can reach its from within the subnet but not from outside

interface GigabitEthernet1/0/11
switchport access vlan 30
switchport mode access
spanning-tree portfast

interface Vlan30
ip address 172.30.100.5 255.255.255.0

Giuseppe Larosa · ‎06-22-2020

Hello @a.alyahia ,

on the L2 switch:

if IP routing is disabled you need to configure the firewall 's IP address as default gateway

ip default-gateway 172.30.100.1

if IP routing is enabled you need to configure a default static route pointing to the FW IP address

ip route 0.0.0.0 0.0.0.0 172.30.100.1

Likely the first option applies to your case.

Hope to help

Giuseppe

View solution in original post

Reza Sharifi · ‎06-22-2020

Hi,

Check the NAT config on the firewall. You maybe NATing 172.20.100.0/24 subnet only and not 172.30.100.0/24 subnet. If that is the case, add 172.30.100.0 subnet and try again.

HTH

Giuseppe Larosa · ‎06-22-2020