2 WatchGuards on VLAN 1 but different networks

What would happen if I have 2 WatchGuards both on VLAN 1, but on different networks? For example, WG1 on 10.0.0.1/24 and WG2 on 192.168.1.1/24, connected to a switch on VLAN 1. Which network would the switch get the IP of? If I assign the switch a static IP, would it accept that?

Comments

  • Will your switch allow 2 different subnets to be defined as on the same VLAN?

    On the firewall, a VLAN has a specific subnet defined to it.
    If traffic comes in tagged for that VLAN but from a different subnet, I would expect those packets to be denied as spoofed source.

  • james.carson Moderator, WatchGuard Representative

    It depends on the switch. Some may be perfectly ok with that, some may monitor traffic and refuse to pass it.

    I would suggest for the sake of your sanity to put the networks onto separate VLANs if you can. The two networks won't be able to talk to each other (on the same VLAN) unless a static route is set up or machines on that specific network are multi-IPed.

    -James Carson
    WatchGuard Customer Support
