Hi,
Apologies if I have gone about this the wrong way, but this is my first time asking a question.
We have 2 new Core 5412 chassis switches with VRRP between them on trunk 5.
We have migrated our old systems over to this new setup and have attached a Checkpoint Nokia Firewall. This has 3 DMZs 200, 201, 203, Internet. In the config on both 5412 chassis I have created VLANs 200, 201, 203, 99 (internet) for the separate DMZs offered by our Firewall. I have assigned the following interfaces to the VLANs:
B13 untagged (VLAN 200),
B15 untagged (VLAN 201),
B17 untagged (VLAN 203),
B19 untagged (VLAN 99)
I have also created VLAN 666 for any unwanted traffic.
I have connected the Firewall DMZ corresponding ports into these interfaces on both cores.
I have then connected our Citrix Gateway that is in DMZ 200 to interface F17. I have tagged this on VLAN 200, tagged it in VLAN 1 and untagged in VLAN 666. My assumption was this Citrix gateway should be connectable through DMZ 200, but this does not seem to have happened.
One thing that is working is that we have connected up our VMware ESX boxes in this way and the virtual machines connect fine through these DMZs with the same tagging and untagging setup.
Could someone please advise where I have gone wrong? This is just one example, as I have 2 other Citrix gateways with the same issue that I have set up in the same way.
It's the same for our internet VLAN 99: I connected a Cisco 1800 box, which goes out to the WLAN, to interface B12 untagged, and assigned interface B19 tagged so that our firewall can see the outside world, but this did not work either.
I have ended up plugging the Cisco box into a 3400 switch and then plugging the firewall into this which worked and allowed us to see the outside world. I would like this all routed through the 5412 switch for a more tidy and redundant solution.
Any assistance much appreciated.
Stephen