Routing Question

Hi JGrioni,

I am sorry for your issue. To me it looks like return route issue on your firewall, or port configuration (PVID, as CarlZhu indicated)  issue on that port the firewall is connecting to.

Port configuration: when the firewall connects to VLAN 1, we need to check the port configuration on the switch. Does it match firewall LAN configuration? I am assuming all packets are tagged by the firewall, so XS716T port should be in Tagged mode, with no PVID.

Return routes: we need to check if firewall is correctly returning traffic to XS716T VLAN 1 and VLAN 2 IP interfaces (return static routes). If not, we need to configure these static routes accordingly on the firewall. 

I have a last question: are we sure we want to enable Routing on XS716T? With routing enabled, all VLAN 1 nodes and VLAN 2 nodes can see each other, and ACLs will have to be used for access control and inter-VLAN security. If this is a small separate LAN in the company, maybe that switch should remain Layer 2 only, with routing on the firewall?

Either way we want to help you JGrioni: please give us an updtate. Next time we'll need the XS716T configuration file, as well as the firewall routing table and firewall LAN port configuration.

Regards,