Thanks for the info I have had them powered on and off for testing purposes on a separate isolated internet connection so I can get them on the cloud. Cheers ... View more

I always create a "Deny All" rule for my entire local subnet.  This blocks all inter-vlan traffic.  All inter-vlan traffic that I want to permit I put above that line, and everything else goes below it.  In your case, you would put the ICMP rule above the Deny All rule.   Here is an example:     ... View more

Your correct we don't Need the WG but my boss would like to keep it in for Double security Basically using MX for internal stuff and WG for External... We have a lot of policies already set up on the WG for flows in /out etc   Thanks for the suggestion on flows I will probably look at doing that.   All of our Vlans are set up on the core switch ( there are no VLANs set on the WG ) so we need minimal VLANs on the MX - just those for routing traffic between Core and internet. Our Guests are pushed through a splash page current for access so once they go through the splash page they are given access to the internet. cheers ... View more

Welcome to the community! ... View more

Does your ISP require you to register the MAC address with them for the Static address to work ? Also after setting the static in your MX device - reboot your ISP modem to clear out the old cache etc for the old ASA and have the MX request the static IP from the modem. Ive had to do both before to get MX working with static IP.   ... View more