07-02-2022 02:25 AM - edited 07-02-2022 02:38 AM
Hi all
My first time posting on here so I'm hope you all have patience with me thanks in advance.
What I have done through the web GUI is set up two vlans, vlan2 and vlan3 with different ip's with dchp pool. They work fine, and there is no communication between vlans which I created or the default vlan - which is what I want. The default vlan has a gateway to my router and out to my isp.
My question is, is it possible to get the two vlans, vlan2 and vlan3 to also have access to the gateway router on my network, same as the default vlan and how is this done? I've tried various things, in ipv4 routing gui but I'm out of my depth. Am I asking too much of this L3 switch?
07-02-2022 09:57 AM
M.
07-02-2022 02:30 PM
Thanks for the reply. Still can't get the two vlans to talk to the router because the vlans have different ip's. The router I'm using is not a cisco grade but a cheap isp type
07-02-2022 04:54 PM
Is the inter-VLAN routing working? It needs to in order for traffic from other VLANs to reach the router. Of course, the VLANs will not be isolated anymore and you would need to use ACL to implement some kind of isolation. The router's LAN IP address should be the default gateway on the switch. However the router does not know anything about those additional VLANs. It needs to be told how to route replies to requests it receives. So for the other 2 VLANs, you need to create proper static routes on the router. For example, something like this:
Network 192.168.2.0/24, Gateway 192.168.1.2, where 192.168.2.0/24 is the vlan2 subnet and 192.168.1.2 is the SVI address of the default VLAN on the switch.
07-03-2022 04:23 AM - edited 07-03-2022 04:41 AM
Inter-vlan works, sort of. A pc with ip192.168.2.2 on vlan2 is able to ping ip 192.168.3.1 on vlan3. And a pc with ip192.168.3.2 on vlan3 is able to ping ip 192.168.2.1 on vlan2. However, if I ping vlan3 from vlan2 with ping 192.168.3.2 it fails the opposite is also true. Wondering if that's something to do with the fact that any ip address after .1 is allocated by DHCP.
I can also ping the default vlan from vlan2 and vlan3 BUT only to the web interface address which is on 192.168.1.3. I'm unable to ping the gateway address on 192.168.1.1 from vlan2 and vlan3.
If i'm plugging into the default vlan 192.168.1. I get internet access.
07-03-2022 07:05 AM
The routing table on the switch and the static routes on the Internet router should be something like below.
The first picture shows routes on the switch. There 192.168.10.2 is the IP address of the Internet router (LAN side). Below that are the SVI addresses of the VLANs. They should be entered as default gateways in the DHCP configuration. The second picture shows the static routes on the Internet router. There is not need for a static route for VLAN1. The L2 layer takes care of it since the router is on VLAN1.
07-04-2022 09:43 AM
Hi Sorry for the delay.
The images show what my switch shows. But I'll go through the procedure I take.
After enabling L3
1) In "Vlan Tables" I Create vlan2 and vlan3
2) In "Port to Vlan", for vlan2 and vlan3 I set them to untagged
3) From "Interface settings" I set vlan2 and vlan3 ports to Access
4) In "Ip Configuration" I set static ip's in "IPv4 Interface" for vlan2 and vlan3
5) In "IPv4 Routes" usually auto inserts entries here, but I have also configured it manually as follows for vlan2:
Destination IP Prefix: 192.168.2.0
Network mask: 255.255.255.0
Next Hop Router IP Address: 192.168.1.1 which is my router gateway
Metric: 1 not sure about this but I leave with 1
The results in the IpV4 Routs looks like with only vlan2:
Destination IP Prefix Prefix Length Route Type Next Hop Router IP Address Route Owner Metric Administrative Distance Outgoing Interface
0.0.0.0 0 Default 192.168.1.1 Default 1 1 VLAN 1
192.168.1.0 24 Local Directly Connected VLAN 1
192.168.2.0 24 Remote 192.168.1.1 Static 1
07-04-2022 12:48 PM
Do you have the IPv4 routing enabled? Just enabling L3 is not enough. The IPv4 route table should show only the default route and the SVI routes. You did not show the SVI routes. I don't know what you need that extra static route for. Also, the router needs to be connected to a untagged access port that is a member of VLAN1.
07-02-2022 08:51 PM
according to explanation i got below diagram in to my mind.
Default VLAN--------Switch------router
1st VLAN------------| |
2nd VLAN--------------|
make me correct if i am wrong. in this case you can use default route (0.0.0.0/0) at switch towards router's IP address to send all internet traffic to ISP router. eg. add route entry - 0.0.0.0 0.0.0.0 x.x.x.x (router's ip address)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide