1. To guarantee network access security, a hardware firewall is placed between the switches and the router, with the firewall set to transparent mode. To keep broadcast storms and network viruses from affecting the whole local area network (LAN), all computers are divided into several virtual networks, and the gateway of each virtual network is configured on the switch.
2. After the setup was completed, however, none of the computers in the LAN could access the intranet platform system. Logging in to any terminal and running the ping command to test whether the router's IP address was reachable showed that it was not. The new firewall was found to be working in transparent mode with no security filtering rules set. When the firewall was removed and the router was connected directly, bypassing the new firewall device, all terminals in the LAN could access the intranet platform, which confirmed that the problem lay with the new firewall device.
3. Because terminals in the LAN could access the network normally once the hardware firewall was removed, and because no explicit security filtering rules had been set in the firewall's backend system, troubleshooting quickly focused on the hardware firewall. Since the firewall's settings did not appear to be the problem, the most likely cause seemed to be a quality problem with the device itself.
4. Logging in to the device's background management interface through the console port and checking the security filtering rules showed that only a single any-to-any rule was set, and this rule should permit any network access. Further checking turned up the firewall's management IP address and gateway settings; this address had originally been set on the new firewall to facilitate remote management. The management address was removed and the firewall's background system was restarted. Once the device was stable after the restart, a ping test of the router's IP address from the firewall's background system succeeded.
5. Testing again from a terminal showed that neither the Internet nor the intranet could be accessed normally, so the firewall was restored entirely to its default state. After this configuration operation, the switch and the router could ping each other, but terminals in the LAN still could not access the network properly. Because the ping test worked normally, the network administrator assumed the problem had nothing to do with the firewall device and that the access failure was probably caused by the network itself.
6. A terminal in the LAN was selected and used to send packets for a trace test. The results showed that the packets never reached the router. Since no filtering rules were set on the firewall, it seemed possible that the switch was automatically filtering out the outbound packets. Logging in to the core switch's background system to check what filtering it applied showed no access lists at all, which meant the switch was not performing any packet filtering. Viewing the routing table, however, clearly showed abnormal route records: the expected network routes had not been established. It was therefore no wonder that terminals in the LAN could not access the network correctly.
7. With the cause identified, the appropriate access rules were reconfigured on the hardware firewall to ensure that the device would not block dynamic routing. As expected, after this change the intranet could be accessed successfully, and the network access failure was resolved.
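
An added example, not part of the original article: a first-match policy check showing why the successful ping in step 5 says nothing about whether dynamic routing traffic passes the firewall, which is the gap closed in step 7. The rule sets, the router address 192.0.2.1 and the default-deny behaviour are constructed assumptions; the article does not name the routing protocol or the firewall model, so three common protocols are probed.

```python
import ipaddress

# Probe packets: a ping to the router plus the adjacency traffic of common
# dynamic routing protocols (standard IP protocol numbers and multicast groups).
PROBES = {
    "icmp-ping":   {"proto": 1,  "dst": "192.0.2.1",  "dport": None},  # constructed router IP
    "ospf-hello":  {"proto": 89, "dst": "224.0.0.5",  "dport": None},
    "eigrp-hello": {"proto": 88, "dst": "224.0.0.10", "dport": None},
    "rip-v2":      {"proto": 17, "dst": "224.0.0.9",  "dport": 520},
}

# Constructed "before" policy: ordinary user traffic only.
BEFORE = [
    {"proto": 1,  "dst": "0.0.0.0/0", "action": "permit"},               # ICMP
    {"proto": 6,  "dst": "0.0.0.0/0", "action": "permit"},               # TCP
    {"proto": 17, "dst": "0.0.0.0/0", "dport": 53, "action": "permit"},  # DNS
]

# Constructed "after" policy: routing traffic allowed, scoped to link-local multicast.
AFTER = BEFORE + [
    {"proto": 89, "dst": "224.0.0.0/24", "action": "permit"},
    {"proto": 88, "dst": "224.0.0.0/24", "action": "permit"},
    {"proto": 17, "dst": "224.0.0.0/24", "dport": 520, "action": "permit"},
]

def rule_matches(rule, pkt):
    """True if the rule's protocol, destination network and port cover pkt."""
    if rule["proto"] not in ("any", pkt["proto"]):
        return False
    if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(rule["dst"]):
        return False
    return rule.get("dport") in (None, pkt["dport"])

def evaluate(rules, pkt, default="deny"):
    """First matching rule wins; unmatched traffic gets the default action."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule["action"]
    return default

def audit(rules):
    return {name: evaluate(rules, pkt) for name, pkt in PROBES.items()}

def blocked_routing(rules):
    """Routing protocols whose adjacency traffic the policy would drop."""
    return sorted(n for n, a in audit(rules).items()
                  if n != "icmp-ping" and a != "permit")

if __name__ == "__main__":
    print("before:", audit(BEFORE), "blocked:", blocked_routing(BEFORE))
    print("after: ", audit(AFTER), "blocked:", blocked_routing(AFTER))
```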