![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hi there,
I've inherited a setup at job that is a bit beyond my knowledge and would appreciate any assistance. I am still studying towards CCNA, so I am still somewhat of a cisco noob. This is for a school. The production wireless is strictly for machines that are used inside the building. This pulls DHCP from the primary production scope. There is (or was) a guest network that was supposedly working at one time.
The guest network is just for faculty and visitors to connect their personal devices to. It runs on a seperate vlan that should have no connectivity to anything on the production network. Where my problem comes in, is that I am able to get connected to the guest network and get an IP, but I can't ping anything outside the vlan network. The setup is semi complex (for me at least). Visual is attached below, all hardware is cisco other than load balancer and sonicwall (Core switch is 3750 stack, WLC 5508, and ASA5510). I am using the sonicwall for DHCP on the guest network. I believe my issue lies somewhere in the core switch, because I am able to ping it, but not the ASA. In a summary, two internet links go into a load balancer, from there into the ASA, from there through the sonicwall (in transparent mode just doing web filtering), and then into the core switch. Guest vlan is 172.30.2.x, the WLC's for the AP's are into trunk ports, the sonicwall x2 interface is into a guest network VLan access port on the core. ASA 0/2 port has a sub interface configured for the guest vlan, but I can't ping that IP.
On a side note - if someone has a different suggestion on how to get this working, feel free to say. I inherited this and my intent is to get it working one way or another. I believe it was originally set up this way so that they would still be behind the web filter (sonicwall). Thanks for any input.
Here is link to vizio if image didnt work - http://www.flickr.com/photos/36486822@N03/9675216450/
I've inherited a setup at job that is a bit beyond my knowledge and would appreciate any assistance. I am still studying towards CCNA, so I am still somewhat of a cisco noob. This is for a school. The production wireless is strictly for machines that are used inside the building. This pulls DHCP from the primary production scope. There is (or was) a guest network that was supposedly working at one time.
The guest network is just for faculty and visitors to connect their personal devices to. It runs on a seperate vlan that should have no connectivity to anything on the production network. Where my problem comes in, is that I am able to get connected to the guest network and get an IP, but I can't ping anything outside the vlan network. The setup is semi complex (for me at least). Visual is attached below, all hardware is cisco other than load balancer and sonicwall (Core switch is 3750 stack, WLC 5508, and ASA5510). I am using the sonicwall for DHCP on the guest network. I believe my issue lies somewhere in the core switch, because I am able to ping it, but not the ASA. In a summary, two internet links go into a load balancer, from there into the ASA, from there through the sonicwall (in transparent mode just doing web filtering), and then into the core switch. Guest vlan is 172.30.2.x, the WLC's for the AP's are into trunk ports, the sonicwall x2 interface is into a guest network VLan access port on the core. ASA 0/2 port has a sub interface configured for the guest vlan, but I can't ping that IP.
On a side note - if someone has a different suggestion on how to get this working, feel free to say. I inherited this and my intent is to get it working one way or another. I believe it was originally set up this way so that they would still be behind the web filter (sonicwall). Thanks for any input.
Here is link to vizio if image didnt work - http://www.flickr.com/photos/36486822@N03/9675216450/