I'm kind of a n00b, so there's probably something obvious I'm overlooking.
I have an Aruba Mobility Access Switch, which I created all my VLANs on, and assigned them IP addresses. I also have an Aruba 7200 series mobility controller. The switch and controller are connected via trunked ports. I also created the VLANs on the controller and assigned them an IP. Each VLAN on the controller has the DHCP server service running with a scope that matches the corresponding VLAN subnet. The DHCP server for each VLAN also has the VLAN's IP address on the switch set as the default router/gateway. From what I understand, this allows the switch to do the routing between VLANs. I then connected the firewall to an access port on the switch and added a static route on the switch 0.0.0.0, 0.0.0.0, 10.0.1.254 (destination IP, destination subnet, next hop). Finally, I added static routes on the firewall from its LAN interface to the IP address of the switch.
Here's the current situation:
I connect a client to port 12 (GE0/0/12) on the switch. The client successfully pulls a correct IP (10.0.9.11) from the DHCP server running on the controller. ipconfig shows 10.0.9.1 (Switch VLAN 90 IP) as the default gateway, and 10.0.9.2 as the DHCP server (Controller VLAN 90 IP). From the client, I can ping the switch, controller, firewall, etc., as well as any internet address (i.e. 8.8.8.8). I can also access the management interface of all the devices from the client. This makes sense to me so far, as I have not set up any ACLs yet.
However, what I can NOT do is ping any devices by their FQDN or ping an external domain (i.e. google.com).
I'm not exactly sure what to do at this point. I've tried a few different settings for DNS server on the controller's DHCP settings. Using the same IP as the default router doesn't work, nor does using the IP of the firewall.
BUT... If I manually configure the DNS server on the client to an external address (8.8.8.8), then I can ping google.com and have full internet access. I'm stumped.