Solved: Hi jbattist,I've resolved the

Eugene Khoo · ‎10-16-2015

Hi,

I have 4 SG300-28P switches in L3 mode.

They are connected to a Netgear FV336G Dual WAN router which provides 3 networks (VLAN1, VLAN 30 and VLAN 40), it has 3 different DHCP scopes for each VLAN. VLAN1 = 192.168.101.x, VLAN 30 = 192.168.30.x and VLAN 40 = 192.168.40.x.

I have 6 WAP321 with 3 networks (SSID) corresponding to the 3 VLANS. I can access only VLAN 1 so I can get DHCP 101.x but not the other 2 VLANS. All switch ports currently are set to Trunk. The switches are connected via 2x1G LAG Links. Also set to trunk mode. When I directly connect to the Router, I can create a VLAN interface (30 or 40 for example) and that will pickup the IP address as needed.

Anything I'm missing out in the config?

See attached diagram that may help explain better what I'm saying above. Port connected to Router is also configured as Trunk.

ggrim · ‎10-20-2015

Hello Eugene,

Glad to hear that you were able to find a solution to your problem.

Looking over the information that you have provided, it does sound like the solution that you have come upon is correct. By setting the Trunk ports up with 1UP only, the traffic on VLANs 30 and 40 were never actually leaving the devices. By allowing 30T and 40T, the ports were configured to pass along the additional VLANs on the ports with additional header information that allows the devices to tell the VLANs apart once received.

Please let us know if the solution you found does resolve your issue on the production network, and if so, please remember to mark your post as resolved and rate any helpful responses. If you wind up running in to any other issues, please report back and we'll see how we can help!

Also, for anyone coming to this issue in the future, the Knowledge Base has a few resources to help with configuration of devices:

Configuration of VLAN Membership of an Interface on the 200/300 Series Managed Switches

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Thanks again for using the Small Business Support Community!

View solution in original post

jbattist · ‎10-16-2015

Hello Eugene,

Couple questions...what is the port configuration on the switch connecting to the Netgear, and what is the port configuration on the Netgear connecting to the switch? I know you say all the switch ports are trunks, but what is the VLAN configuration on the ports between the switch and Netgear?

You may have to do a DHCP relay on the VLANs on the switch, pointing to the VLAN1 IP address of the Netgear.

Eugene Khoo · ‎10-16-2015

Port to Netgear is Trunk, 1UP. Port to WAP321 is also the same - Trunk, 1UP.

The Netgear has 1 IP per VLAN, i.e.

VLAN 1 - 192.168.101.250 for the 101.x network

VLAN 30 - 192.168.30.250 for the 30.x network

VLAN 40 - 192.168.40.250 for the 40.x network

If I connect my macbook to the router, I get the 101.x network. By creating a VLAN interface on the mac's ethernet port, I can get via DHCP either the 30.x or 40.x scope based on which VLAN ID I set. This leads me to believe my switch config is missing something.

Eugene Khoo · ‎10-18-2015

Hi jbattist,

I've resolved the issue by setting the trunk port to 1UP, 30T and 40T on my test environment (SG300-10, WAP371 and Netgear FV318SG) and will try to replicate on the production network later this week.

ggrim · ‎10-20-2015

Hello Eugene,

Glad to hear that you were able to find a solution to your problem.

Looking over the information that you have provided, it does sound like the solution that you have come upon is correct. By setting the Trunk ports up with 1UP only, the traffic on VLANs 30 and 40 were never actually leaving the devices. By allowing 30T and 40T, the ports were configured to pass along the additional VLANs on the ports with additional header information that allows the devices to tell the VLANs apart once received.

Please let us know if the solution you found does resolve your issue on the production network, and if so, please remember to mark your post as resolved and rate any helpful responses. If you wind up running in to any other issues, please report back and we'll see how we can help!

Also, for anyone coming to this issue in the future, the Knowledge Base has a few resources to help with configuration of devices:

Configuration of VLAN Membership of an Interface on the 200/300 Series Managed Switches

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Thanks again for using the Small Business Support Community!

Lee Cox · ‎10-22-2015

I think this switch would be better setup where the switch does the IP routing (VLAN). Setup the router off an access port on VLAN1. Run DHCP from the switch and add routing statements for the other VLANs to the router pointing to the switch. Run the router without VLANs defined. The switch is the default gateway for the clients and the router is the default gateway for the switch.

This is the way I run my setup. The switch is faster at routing VLAN traffic than the router.

Eugene Khoo · ‎10-23-2015

Well, I did take the plunge and I've moved DHCP off the router and now VLAN routing is on the switch. 5 VLANs, 5 DHCP scopes and one router.

SG300 VLANS