Solved: Routing 3750X and Firewall

Julio A. Martinez Herrera · ‎01-28-2014

Hello Dudes !

Nowadays i'm working on my own lab at the office, before installing the equipment. My problem is the routing between the Catalyst 3750x and the Firewall Fortinet connected to my ISP (Service Provider/Internet).

I have briefly set on Catalyst 3750x :

Enable Routing :

ip routing

Create Vlan:

vlan 10

name Data

interface vlan 10

ip address 192.168.10.254 255.255.255.0

Switch Port:

switchport mode access

switchport access vlan 10

spanning-tree portfast

The Port (Giga 1/0/24) thats connect to my Fortinet

no switchport

ip address 192.168.100.1 255.255.255.0

Then add a default route to Fortinet Interface (Internal) Next Hop:

ip route 0.0.0.0 0.0.0.0 192.168.100.2

On my Laptop:

IP 192.168.10.10 / 255.255.255.0

Gateway 192.168.10.254 (Interface VLAN 10)

DNS Ex. 8.8.8.8

When I do ping to my Gateway 192.168.10.254 .. it Works !!

When I do ping to Catalyst Interface that connects to Fortinet 192.168.100.1 .. it Works !

But , when I do ping to Fortinet Interface .. Fail !!

The switch catalyst can ping fortinet interface 192.168.100.2 , and fortinet can ping

Catalyst port 192.168.100.1.

I was following this Guide

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a008019e74e.shtml

Any ideas ?

kcnajaf · ‎01-28-2014

HI Julio,

Do you have a route back on fortigate for 192.168.10.x (VLAN 10) network ? If not please add that give a try.

Hope that helps.

Regards

Najaf

Please rate when applicable or helpful !!!

View solution in original post

kcnajaf · ‎01-28-2014

HI Julio,

Do you have a route back on fortigate for 192.168.10.x (VLAN 10) network ? If not please add that give a try.

Hope that helps.

Regards

Najaf

Please rate when applicable or helpful !!!

Julio A. Martinez Herrera · ‎01-29-2014

The solution was :

1.- Fortinet to LAN Switch 3750x = Static Route

2.- LAN Switch to Fortinet = Default Route

Thanks.