If the routing between VLANs on your edge switches happens on the core switch, then you would need to configure a route to those subnets pointing to the core switch.
If your core and edge switches are pure L2, then all routing should happen on your firewall. So it depends on how your network is designed and set up.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Apr 07, 2024 07:27 AM
From: lwat
Subject: Understanding the flow of a packet when using Fortigate Firewall
Hi,
I am new to Aruba Switches and Fortigate Firewalls and trying to understand the flow of a packet.
We have NBN which connects into our WAN switch. The WAN switch connects to our core switch.
The core switch connects to a Fortigate Firewall and connects into our Edge Switches.
On the core switch the default route is 0.0.0.0 0.0.0.0 <ip address>.
This <ip address> is configured inside Fortigate under the Aggregated Link as an IP Address for a Virtual LAN.
If a host connected to an edge switch pinged google.com, would the packet be sent to the core switch and then be passed to the Fortigate firewall and then sent to a Fortigate SD-WAN Internet Zone?
What would the response packet hit?