Re: SG250-08 vlan configuration

mallmen00 · ‎10-18-2021

Hi - my goal is to configure a private network (I need it isolated to use its own DHCP server, not my cable modem/router DHCP).

I have this setup:

internet connection -> cable modem (192.168.0.0/24) -> wifi mesh router (192.168.68.0/24) -> SG250-08.

The SG250 has port 1 connected to the mesh router, and I have configured a static IP address (192.168.68.103). Anything on the default VLAN1 can access the internet like it was connected directly to the mesh router or using wifi (using default gateway of 192.168.68.1).

I want a second VLAN, let's say 172.16.0.0/24. I create a second VLAN2. I want that VLAN to be able to use the uplink at 192.168.68.103 to access the internet. To do this, my understanding is that I need intervlan routing set up. But I also believe I need something configured so requests to the Internet on VLAN2 uses the link at port 1 to ultimately access the Internet though that default gateway.

I could use some guidance as I don't understand network routing at this level well enough to decipher the documents on how to get this configured.

Seb Rupik · ‎10-25-2021

Hi there,

Your issue is two fold:

Traffic from VLAN2 destined to the internet will be routed on the SG250 and forwarded on VLAN1 egressing Port1 towards the wifi-router and onwards to the cable modem. At this point the modem has received a packet with a source address of 172.16.0.0/24 (VLAN2), it will have a NAT rule probably very rigid which will only translate traffic sourced from 192.168.68.0/24, it will therefore not route VLAN2 traffic any further. Assuming NAT did work, the cable modem has no idea how to route traffic back towards VLAN2. You would need to a add a static route directing traffic towards the SG250, again this feature is probably not available.

What you need is a 'proper' router which will allow you to configure NAT before traffic is forwarded into VLAN1.

cheers,

Seb.