
Inter VLAN routing on SG350

Athena1390
Level 1

Hello,

I'm configuring a new SG350-28P, running the latest firmware (2.4.0.94).

Layer 3 is supposed to be already active (default settings); I cannot find any choice (Layer 2 / Layer 3) as found on SG300 series.

I have a default router : 192.168.1.1

 

I configured the following VLAN :

- VLAN 1 : IP 192.168.1.2 / 255.255.255.0

- VLAN 20 : IP 192.168.20.1 / 255.255.255.0

 

In the IP Configuration -> IPv4 Interface -> IPv4 Routing is enabled.

 

I configured the following IPV4 Static Route : 

| Destination IP | Prefix Length | Route type | Next Hop Router IP | Metric | Outgoing Interface |
|---|---|---|---|---|---|
| 0.0.0.0 | 0 | Remote | 192.168.1.1 | 4 | VLAN1 |

 

 

From VLAN1 (the switch itself, and any device connected to VLAN1), I can access the Internet.

 

 

The IPV4 Forwarding Table contains :

| Destination IP | Prefix Length | Route type | Next Hop Router IP | Route Owner | Metric | Admin. distance | Outgoing Interface |
|---|---|---|---|---|---|---|---|
| 0.0.0.0 | 0 | Remote | 192.168.1.1 | Static | 4 | 1 | VLAN1 |
| 192.168.1.0 | 24 | Local | 192.168.1.2 | Directly Connect | | | VLAN1 |
| 192.168.20.0 | 24 | Local | 192.168.20.1 | Directly Connect | | | VLAN20 |

  

 

Problem from VLAN 20 is :

- I can ping the local switch interface 192.168.20.1

- I can ping the VLAN1 switch interface 192.168.1.2

- I cannot ping the default gateway 192.168.1.1

- And I cannot ping anything on the Internet (of course)...

 

 

Do you have any idea how to solve this issue, please?

 

Thanks in advance for your help.

18 Replies

The different VLANs can communicate with each other, i.e. from the first, when I do a ping on the other, there must be an answer. I send you. Thank you in advance.

 


Lee,

Would you be willing to share your running config with me?  I have a Cisco 1921 and a SG300-28.  I have spent days trying to get router on a stick to work and I am missing something.  I would just like to see a working example.
Thanks for your time.

Don, I expect you have found a solution by now. Anyway, I found the following worked for me ...

I set up a Cisco SG350-10 switch and 2 routers with subnets 10.1.1.0/24 & 10.1.2.0/24 as follows:-

In Windows Firewall I created an inbound rule to allow connections to subnets 10.1.1.0/24 & 10.1.2.0/24.

In router #1 I set static route 10.1.2.0/24 with gateway 10.1.1.2 on LAN interface.
The gateway is the address of the Cisco switch and IP 10.1.1.2 is reserved within router #1.

For router #2 I set static route 10.1.1.0/24 with gateway 10.1.1.2 on LAN interface.
The gateway is the address of the Cisco switch and IP 10.1.2.2 is reserved within router #2.

A LAN port on each router is connected to port GE2 or port GE3 on the Cisco switch.

VLANs 1 to 3 are present on the Cisco switch and connected to interfaces GE1 to GE3 respectively.

VLAN 1 is connected to the ISP Gateway LAN port and DHCP is reserved in the ISP Gateway at 192.168.0.2.

The WAN ports on both routers are connected to the ISP Gateway LAN interface.

GE2 (VLAN 2) & GE3 (VLAN 3) are connected to a LAN port on routers 1 & 2.

GE1 to GE3 show under 'VLAN Management > VLAN Settings Table' as Switchport Mode: Layer 2 & VLAN Mode: Access.

Under 'IP Configuration > IPv4 Interface' IPv4 Routing is enabled, with VLAN interfaces 1 to 3 set to DHCP mode.
This table should show VLANs 1 to 3 and the IP addresses of the ISP Gateway and routers should be valid.

The IPv4 Forwarding Table should be filled with entries for subnets 192.168.1.0/24, 10.1.1.0/24 & 10.1.2.0/24.

ARP should list the IP & MAC addresses of the ISP Gateway, both routers and other devices such as PCs and printers.

Under 'IP Configuration > UDP Relay/IP Helper' I added two entries:-

Source IP Interface: 'All' with UDP Destination Port '9' & Destination IP Address '255.255.255.255'.
Source IP Interface: 'All' with UDP Destination Port '137' & Destination IP Address '255.255.255.255'.

Under 'IP Configuration > DNS Settings' I set DNS to 'Enabled'.

With all of the following in place I can ping PCs on one subnet from another and can access devices by hostname or IP.

I found that it is sometimes necessary to reboot all of the network devices after making changes to the configuration.
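
The reply above gives each router a static route for the other subnet with the switch as gateway. As an added example (not part of the thread), the following applies the same idea to the forwarding table posted in the question: it does longest-prefix-match lookups in both directions and shows what a missing return route on the upstream router looks like. The router's table, the `wan-gateway` next hop and the host 192.168.20.50 are constructed assumptions, since the thread does not show them.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return (next_hop, interface) for dst, or None."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop, iface in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    return best[1:] if best else None

# Switch forwarding table as posted in the question (None = directly connected).
SWITCH = [
    ("0.0.0.0/0", "192.168.1.1", "VLAN1"),
    ("192.168.1.0/24", None, "VLAN1"),
    ("192.168.20.0/24", None, "VLAN20"),
]

# Constructed table for the upstream router 192.168.1.1 (not shown in the thread):
# only its own LAN plus a default route towards a hypothetical WAN next hop.
ROUTER_BEFORE = [
    ("0.0.0.0/0", "wan-gateway", "WAN"),
    ("192.168.1.0/24", None, "LAN"),
]
# Same table with a static route for VLAN 20 via the switch's VLAN 1 address.
ROUTER_AFTER = ROUTER_BEFORE + [("192.168.20.0/24", "192.168.1.2", "LAN")]

def ping_ok(router_table, host="192.168.20.50", target="192.168.1.1"):
    """Check both directions of an echo between a VLAN 20 host and the router."""
    # Request: host -> switch; the switch must reach the target on VLAN1.
    fwd = lookup(SWITCH, target)
    if fwd is None or fwd[1] != "VLAN1":
        return False
    # Reply: the router must send traffic for the host back to the switch.
    back = lookup(router_table, host)
    if back is None or back != ("192.168.1.2", "LAN"):
        return False
    # The switch then delivers the reply on the host's connected VLAN.
    return lookup(SWITCH, host) == (None, "VLAN20")

if __name__ == "__main__":
    print("reply returns without static route:", ping_ok(ROUTER_BEFORE))
    print("reply returns with static route:   ", ping_ok(ROUTER_AFTER))
```

With the constructed `ROUTER_BEFORE` table the echo request arrives but the reply follows the default route out of the WAN side, so the ping fails even though the switch's own table is complete.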

mazenn
Level 1

Virtual LANs (VLANs) divide one physical network into multiple broadcast domains. But, VLAN-enabled switches cannot, by themselves, forward traffic across VLAN boundaries. So you need to have routing between these VLANs which is called interVLAN routing.