Re: Two Firewalls connecting to 3 ISPs by using intermediate switch

LovejitSingh130013 · ‎06-20-2022

Hello, Experts @balaji.bandi @Rob Ingram @Georg Pauwen

I have two Firewalls connected with 3 ISPs passing through an intermediate Internet switch. I attached a diagram as well. The Internet switch is on default config, All three WAN links are operational on the firewall.

As per my knowledge, Internet switches should have VLANs for each ISP as they use separate Public Subnets. How does the Internet work? what are the possible issues we can face with this setup?

I see occasional packet loss like once in a week, it is possible due to this switch setup without VLANs?

MHM Cisco World · ‎06-20-2022

the story start from internal VLAN, can you share the full topology.

balaji.bandi · ‎06-20-2022

This required more information, when you mentioned what default gateway means, is the config done on the Switch side.

In this diagram best is to use Switch as Layer 2 with respected VLAN, the rest of config should be done on Firewalls is the best to approach.

by the way switch running default vlan 1 ( what switch is this ?) show run will help to understand here.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

LovejitSingh130013 · ‎06-21-2022

Hello @balaji.bandi @MHM Cisco World

The issue is with Internet links with both firewalls. The Internet switch is Aruba2920 with no config. They just opened it from the box and add it bw ISP routers and Firewalls.

The Left Fortinet Firewall is for Internet traffic whereas Sonicwall is configured with tunnels. All the internal traffic hit first Fortinet and tunnel routes are rerouted to Sonicwall.

The Problem is that Fortinet has 3 Internet WAN connections connected to different ISP routers with different Public Subnets but all ports on Internet switch is on default vlan. is it normal setup or all three ISPs needs to be on separate vlans on Internet switch.