I have a new XG and can't get it working with an additional router and the networks behind it.
Let me explain.
XG210 (SFOS 17.0.5 MR-5)
Firewall Port 1 (LAN) 192.168.45.254 (VLAN 1)
There is a Layer 3 Switch on the Network (X620 Extreme) with LAN IP 192.168.45.1
On this Switch are defined various VLANs like
VLAN 99 IP 192.168.44.254
The switch has a default route to 192.168.45.254; inter-VLAN routing is active.
The XG has static routes to all networks behind the switch, with its VLAN 1 IP as gateway: 192.168.45.1
The XG has a rule at position 1: LAN to LAN, any / any, allow
Now comes the problem:
A client with the IP 192.168.44.10 can ping the Internet (8.8.8.8), can ping its own gateway 192.168.44.254, and it can even ping the LAN gateway on Port 1, 192.168.45.254.
But it cannot ping or reach any other system in the 192.168.45.0/24 network.
The packet capture for the returning traffic from the target back to the original location says: "Violation Invalid Traffic"
In a Wireshark capture on the ping target I can see that the traffic arrives and goes back to the firewall.
It looks like the firewall engine of the XG sees the traffic incoming on Port 1 but does not forward it back via Port 1 with the static rule.
Now another curiosity: the other way works. I can reach a system in the 192.168.44.X/24 network from any device in the LAN 192.168.45.X/24.
Can anyone help me with this problem?
Network Schema
Packet Capture Error
Static Routes
Rule 1