08-12-2021 06:01 AM
Hello everyone,
I am currently using a Palo Alto firewall as a virtual router, but I want to change to a Mikrotik rb450gx.
Palo Alto » core switch G24xc » 6 switch x440
On the Palo Alto: eth5 (Internet) - eth1 to core switch (g24xc)
This picture shows the routing on the Palo Alto.
This is some config from the core switch (g24xc):
create vlan "AP-AC-LT1-01"
configure vlan AP-AC-LT1-01 tag 241
create vlan "AP-AC-LT2-01"
configure vlan AP-AC-LT2-01 tag 244
create vlan "AP-mgmt"
configure vlan AP-mgmt tag 211
create vlan "SW-mgmt"
configure vlan SW-mgmt tag 210
create vlan "IP_management"
configure vlan IP_management tag 215
create vlan "P2P-Core-Firewall"
configure vlan P2P-Core-Firewall tag 280
create vlan "Staff"
configure vlan Staff tag 250
create vlan "LT1-01-Staff"
configure vlan LT1-01-Staff tag 2112
configure ports 1:1 display-string to-AC-LT1-01
configure ports 1:2 display-string to-AC-LT1-01
configure ports 1:3 display-string to-AC-LT2-01
configure ports 1:4 display-string to-AC-LT2-01
configure ports 1:17 display-string to-Firewall
enable sharing 1:1 grouping 1:1-2 algorithm address-based L2
enable sharing 1:3 grouping 1:3-4 algorithm address-based L2
configure vlan AP-AC-LT1-01 add ports 1:1 tagged
configure vlan AP-AC-LT2-01 add ports 1:3 tagged
configure vlan AP-mgmt add ports 1:9, 1:16 tagged
configure vlan IP_management add ports 1:1, 1:3, 1:17 tagged
configure vlan P2P-Core-Firewall add ports 1:17 tagged
configure vlan Staff add ports 1:1, 1:3 tagged
configure vlan Staff add ports 1:20 untagged
configure vlan LT1-01-Staff add ports 1:1 tagged
configure vlan SW-mgmt ipaddress 172.30.10.1 255.255.255.0
configure vlan Staff ipaddress 10.55.0.1 255.255.254.0
configure vlan LT1-01-Staff ipaddress 10.52.0.1 255.255.255.0
configure vlan AP-AC-LT1-01 ipaddress 10.0.21.1 255.255.255.0
configure vlan AP-AC-LT2-01 ipaddress 10.0.24.1 255.255.255.0
enable ipforwarding
... etc
# Module rtmgr configuration.
configure iproute add 172.30.6.0 255.255.255.0 172.30.5.2
configure iproute add 172.30.5.4 255.255.255.252 172.30.5.2
configure iproute add default 172.30.5.2
# Module netTools configuration.
enable dhcp ports 1:1 vlan LT1-01-SETWAN
configure vlan LT1-01-Staff dhcp-address-range 10.52.0.2 - 10.52.0.254
configure vlan LT1-01-Staff dhcp-lease-timer 23400
configure vlan LT1-01-Staff dhcp-options default-gateway 10.52.0.1
configure vlan LT1-01-Staff dhcp-options dns-server 1.1.1.1
configure vlan LT1-01-Staff dhcp-options dns-server secondary 8.8.8.8
......etc
Please guide me on how to configure the rb450gx.
Sorry for my English.
Thanks
08-20-2021 04:25 AM
vlan 10 : HR 172.16.10.1/24
vlan 20 : IT 172.16.20.1/24
vlan 30 : FINANCE 172.16.30.1/24
vlan 40 : SALES 172.16.40.1/24
vlan 50 : P2P_MIKROTIK 172.30.5.1/30 (Mikrotik side 172.30.5.2/30)
configure iproute add default 172.30.5.2
DHCP is already on the switch
---
Config on Mikrotik
eth1 : to internet
eth2 : to switch : ipaddress (172.30.5.2/30)
add static route
172.16.10.0/24 gw 172.30.5.1
172.16.20.0/24 gw 172.30.5.1
172.16.30.0/24 gw 172.30.5.1
172.16.40.0/24 gw 172.30.5.1
What am I doing wrong?
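The addressing plan in the post above can be checked for layer-3 consistency (gateway, next hops, return routes) before touching either device. This is an added example, not part of the original post; the function name `check_plan` and the dictionary layout are assumptions made for illustration, while the addresses are the ones the post gives.

```python
import ipaddress as ip

# Addressing plan copied from the 08-20 post.
SWITCH_VLANS = {                       # VLAN name -> switch interface address
    "HR": "172.16.10.1/24",
    "IT": "172.16.20.1/24",
    "FINANCE": "172.16.30.1/24",
    "SALES": "172.16.40.1/24",
    "P2P_MIKROTIK": "172.30.5.1/30",
}
SWITCH_DEFAULT_GW = "172.30.5.2"       # configure iproute add default
ROUTER_LAN = "172.30.5.2/30"           # Mikrotik eth2
ROUTER_ROUTES = {                      # destination -> gateway on the Mikrotik
    "172.16.10.0/24": "172.30.5.1",
    "172.16.20.0/24": "172.30.5.1",
    "172.16.30.0/24": "172.30.5.1",
    "172.16.40.0/24": "172.30.5.1",
}

def check_plan(vlans, switch_gw, router_lan, routes):
    """Return a list of findings; an empty list means the L3 plan is consistent."""
    findings = []
    lan = ip.ip_interface(router_lan)
    sw = {name: ip.ip_interface(addr) for name, addr in vlans.items()}
    sw_addrs = {iface.ip for iface in sw.values()}
    # 1. The switch default gateway must be the router's address, on a subnet the switch has.
    gw = ip.ip_address(switch_gw)
    if gw != lan.ip:
        findings.append(f"switch default gateway {gw} is not the router address {lan.ip}")
    if not any(gw in iface.network for iface in sw.values()):
        findings.append(f"switch has no interface in the subnet of gateway {gw}")
    # 2. Every router next hop must be on-link and must be an address the switch owns.
    for dst, hop in routes.items():
        hop = ip.ip_address(hop)
        if hop not in lan.network:
            findings.append(f"route {dst}: next hop {hop} is not on-link ({lan.network})")
        elif hop not in sw_addrs:
            findings.append(f"route {dst}: next hop {hop} is not a switch address")
    # 3. Every switch subnet not directly connected to the router needs a return route.
    routed = [ip.ip_network(dst) for dst in routes]
    for name, iface in sw.items():
        if iface.network == lan.network:
            continue
        if not any(iface.network.subnet_of(r) for r in routed):
            findings.append(f"VLAN {name}: no return route for {iface.network} on the router")
    return findings

if __name__ == "__main__":
    result = check_plan(SWITCH_VLANS, SWITCH_DEFAULT_GW, ROUTER_LAN, ROUTER_ROUTES)
    print("\n".join(result) if result else "plan is consistent at layer 3")
```

An empty result means the addresses and routes agree with each other, so what remains to verify lies outside this plan, for example whether the switch port facing the Mikrotik carries the P2P VLAN tagged or untagged (in the first post's switch config it is added to port 1:17 as tagged) and whether the Mikrotik interface matches.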
08-16-2021 04:27 AM
I want to change the Palo Alto to a Mikrotik RB-450gx.
Not working: can't ping the internet and can't ping the Mikrotik (vlan p2p-corefirewall) 172.30.5.2.
08-13-2021 02:29 PM
Hi,
Do you have a topology? Also what exactly isn’t working?
Thanks,
Chris Thompson