What is the IP subnet for VLAN 1?

192.168.1.0~254

What is the IP subnet for VLAN 2?

192.168.2.0~254

What is the IP subnet for VLAN 3?

192.168.3.0~254

Tell me how it is your setting up your IP ACL?

prot.     src. add.     src. mask     dest. add     dest. mask     action

IP            any             any               any               any          permit

i opened averything to make some test

What routes have you added to the layer 3 switch?

dest ip    pref.lenght            next hop        route type     metric

0.0.0.0        /0                  192.168.1.1       remote           1

What IP addresses have you added to the layer 3 switch?

192.168.1.2

192.168.2.2

192.168.3.2

What routes have you added to the RV082?

dest ip               mask               def. gateway   hop count   interface

192.168.2.0     255.255.255.0     192.168.2.1          1            LAN

192.168.3.0     255.255.255.0     192.168.2.1          1            LAN

What IP addresses have you added to the RV082?

192.168.1.1

multiple subnet config

192.168.2.0     255.255.255.0

192.168.3.0     255.255.255.0

My immediate reaction is to change:

prot.     src. add.     src. mask     dest. add     dest. mask     action

IP            any             any               any               any          permit

To:

prot.     src. add.     src. mask     dest. add     dest. mask     action

ANY            any             any               any               any          permit

I have some reservations as to how the RV082 is deployed but I have to test an alternative in my lab.

What is the firmware version on the SFE2000?

Can you attach a config file for the SFE?

You say the switch locks up, does it continue to pass any traffic on any ports at all or does it just lock you out of the interface?

If you console the switch after applying your ACL with the serial cable, does it still have an IP bound to the management interface?

hi christopher,

i'll be at the customer's place by tomorow morning...until tomorow i'll not be able to do any test...

thanks alot !

is there a place here i can download a simulator of that switch ?

thanks...

No simulator that I am aware of. A program called "Packet Tracer" is available to Cisco university students, and that has a small selection of small business devices but not this one.

I will look into your config today. Immediately I notice that the management/native VLAN was changed from 100. From where did you perform this change?

I think i did it from the console

thanks alot !

Did

prot.     src. add.     src. mask     dest. add     dest. mask     action

ANY            any             any               any               any          permit

Also cause the switch to lock up?

Did you use the default console, or load an alternate console?

I didn't tried "any" anywhere as i was supposed to go at the customer's place today...but i got 1 good news, I will replace their linksys switch for a cisco switch...i mean temporarily...by monday morning. This way the SFE2000 will be at my office and out of production...test will be easier this way !

have a good weekend christopher

i'll be back with news by monday

Can you please assist me in order to save config file from web GUI to the desktop.

Thank you.

That will be similar to this...

If you need something more specific, Just let me know and I will get teh exact screen shot for you. I just happened to have this onhand from today.

Regards,

Christopher

Yes, I have seen this error before. Could you attach the current configuration and tell me what it is you ultimately wish to accomplish with your ACL? If so, I can look at the config, and then I should be able to tell you how to implement what you need. You may in fact be better off contacting the SBSC directly and opening a case with us. Then we could WebEx and work this out. The number here is 866.616.1866.

Regards,

Chris

Hi christopher,

i used the same config file posted earlier...but i've only added "ANY" in my test ACL and bind it to a port...what i want to do is very simple

VLAN 1 subnet 192.168.1.0/24.....Admin VLAN subnet to acces my network hardware

VLAN 2 subnet 192.168.2.0/24.....Active Directory domain subnet

VLAN 3 subnet 192.168.3.0/24.....it's my guest internet VLAN wich shoul only have acces to internet

VLAN 1 speak to VLAN 2

VLAN 1 speak to VLAN 3

VLAN 2 speak to VLAN 1

VLAN 2 don't speak to VLAN 3

VLAN 3 speak to VLAN 1 only to be routed out to internet

VLAN 3 speak to VLAN 2 only for DHCP relay...dhcp is my active directory Domain Ctrl on VLAN 2

is that what you've asked for ?

thank again !