01-26-2020 10:34 AM - edited 01-26-2020 08:04 PM
Yesterday, I added a second VLAN (2) to my RV340 to provide some IoT isolation. Afterward, while testing VLAN2, I tried doing some pings from a host in that VLAN to hosts out on the Internet. These pings mostly failed in timeouts with an occasional reply. I tried manually adding a specific firewall rule allowing ANY traffic from VLAN2 to WAN1 but no difference. Pings from VLAN1 are consistent and always get replies, so I know it's not the Internet connection. So here is what I am wondering, could it be that this router is getting confused about where to forward the replies? Since ICMP is stateless by its nature, is the problem being caused because this firewall is doing a poor job of tracking the state of ICMP packets? If so, this is the only device I have ever seen that can't maintain accurate state information for pings sourced from multiple internal interfaces.
After noticing this, I tested non-ICMP traffic through the VLAN2 interface, and everything else seems OK. I did not extensively test UDP, which is also stateless, but I did not notice any problems with typical Internet connectivity other than the pings timing out.
Anyone else notice this problem?
01-27-2020 08:52 PM
Hi,
My name is Puneet Sandel and I am from the L2 team providing support on Cisco small business devices.
As per your query since RV routes perform NAT by default therefore you are able to ping internet from the default VLAN.
However if you create another VLAN you need to provide a default or static route in the router pointing towards your firewall.
Same needs to be done on the firewall end too. Although you might have added a policy in the firewall for other networks but without adding a route on both sides will not solve your issue.
Regards,
Puneet Sandel
Technical Consulting Engineer-Level 2
Global CX Centers – Small Business Support
01-27-2020 10:33 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide