Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Assign a second public subnet to DMZ

Hi,

I'm using a XGS116 with SFOS 20.0.1 MR-1-Build342.

I've got a public subnet 1 (2.1.1.0/30) assigned by the ISP.
2.1.1.1 is their gateway.
2.1.1.2 is used as static IP of PortF1 (ISP1).
I've got a backup connection on Port3 (ISP2).
I've defined a SD-WAN-Route with ISP1 and ISP2 as primary and secondary gateway.
The route matched all traffic to Internet IPv4 Group.

Now I've got a second subnet by ISP1.
3.1.1.0/29 with gateway 3.1.1.1
My DMZ is on Port 2.

I'd like to assign this subnet solely to DMZ without using NAT.
I've tried to create a bridge between PortF1 and Port2, assigning 2.1.1.2 as IP and 2.1.1.1 as gateway.

This steps kind of destroyed the entire configuration (SD-WAN rules, site-to-site VPN connections, .... were gone).
But the new IPs (e.g. 3.1.1.2) weren't working on the machines located in the DMZ.

Did I miss anything?

All IP addresses are fictitious!



This thread was automatically locked due to age.
Parents Reply Children