Solved: Help with vlan configuration

GoranP · ‎04-27-2022

Hello to everyone,

Im engaged from my employ to do some advanced configuration on existing network. Im completely new to Meraki but have some expirience doing network administration.

I have problem with vlan configuration.

network:

Palo Alto firewall

2 x MS425-16 in stack

5 x MS225-48

10 x MR56

Admins before me configured entire network in vlan 1 (servers, clients, meraki management IP...)

and that is work fine.

On stack is created switch vlan interface in default vlan 1 192.168.0.29 and global default route is 0.0.0.0/0 -> 192.168.0.1 (that is address of palo alto interface)

The idea is to make more separate vlans like Guest, Users, Servers, Device Management with different subnets

I created Guest switch vlan 20 interface on stack 192.168.20.1/24 with dhcp relay in 192.168.0.0 network where is server, and that is work fine.

I wonted to make Management vlan for all Meraki devices in subnet 192.168.3.0 and i created switch vlan 3 interface on stack 192.168.3.1/24 after i change the ip address of all Meraki devices to appropriate IP address for examle 192.168.3.10 with default gateway 192.168.3.1 and put it in vlan 3

After i do that 15 of my devices resume working just fine but i lose connectivity with my core switches. (2 x MS425-16 in stack)

I tried changing management vlan to vlan 3 in /switch/switch settings/vlan configuration option and did not help..

both switches are pingable from devices in the new vlan 3 but they are unreachable from dashboard and from any other device. After 2 hours they come back online with old configuration. (have some different trials where i again lose connectivity for 2h)

I hope i provide enough information about the problem, if there is any information that i can provide i would do it.

Thanx in advance.

CMR · ‎04-27-2022

@GoranP yes, all VLANs are on the Meraki switches by default. By deleting the interface you will achieve what you are wanting.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

ww^ · ‎04-27-2022

The routing stack should not have management ip address/gateway pointing to its self owned vlan interface .

I would create the management layer3/vlan on the firewall and run that management vlan at layer2 down all device.

GoranP · ‎04-27-2022

Hello,

I also tried something similar, created subinterfaces on Palo Alto interface for networks 192.168.0.0 and 192.168.3.0

but i left switch vlan interface up. How to dawngrade to vlan 2, dont have option to just create vlan on layer 2 ?

Is it enough to just delete switch vlan interface on stack and provide IP address form subnet 192.168.3.0 with default gate 192.168.3.1 and vlan 3 to Meraki devices? (in that case i would set subinterface on the firewall IP 192.168.3.1)

CMR · ‎04-27-2022

@GoranP yes, all VLANs are on the Meraki switches by default. By deleting the interface you will achieve what you are wanting.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

GoranP · ‎04-27-2022

Thank you for fast response 🙂

I will try that after working hours.

I will report the end results 🙂

GoranP · ‎04-27-2022

Hello !

I did it successfully. (i make vlan on the firewall and delete switch vlan interface on stack, after that i regain connection with my devices)

Thank you for your help.