Inter-LAN routing on Firebox

OceanKicksOceanKicks
in Firebox - Other

Hi all

We have recently replaced a Draytek 3900 with a Firebox M270. The only thing I'm currently stuck on is how I'd go about Inter-Lan routing, any advise would greatly be appreciated.

Thanks,
Matt

Comments

  • Bruce_BriggsBruce_Briggs

    Please explain your issue, LAN setup.

  • OceanKicksOceanKicks

    So I have a few vlans configured and need the following to communicate with each other

    VLAN 222(192.168.222.0)<->VLAN 227(192.168.227.0)
    VLAN 224(192.168.224.0)<->VLAN 228(192.168.228.0)

    Thanks in advanced.

  • Bruce_BriggsBruce_Briggs

    How are these VLANs connected to the firewall ?
    If they are defined to the firewall as connected to a VLAN interface, then all you need to do is add appropriate policies to allow them to intercommunicate.
    If you want all packet types to go between 2 VLANs, use an Any packet filter.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @OceanKicks

    The firewall will handle the VLAN routing like any other network -- there needs to be rules for it.

    If you configure the VLAN on the firewall, it will appear as an aliased item when you go to make a policy. You can then put that VLAN in the FROM or TO for a policy, or if in the trusted or optional zones, you can use Any-Trusted or Any-Optional.

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • OceanKicksOceanKicks

    Brilliant, thanks guys. I added both VLANs in From and To with TCP/UPD and it worked straight away!

  • Bruce_BriggsBruce_Briggs

    Note that TCP/UDP does not include other protocols, such as ICMP (ping).
    You probably have a ping policy which already allows pings from/to these VLANs

Sign In to comment.