11-23-2021 10:25 PM
Hi,
I'm trying to segregate our network due to areas with public access (and WiFi) and physical ports.
To not disrupt things, the base VLAN (1) has internet access via 192.168.101.11.
I've created VLAN 20 and 40 (192.168.20.1 and 192.168.40.1) - switch has IPs for each VLAN.
DHCP works, so I get a 192.168.20.52 for example on the VLAN 20 port (Access port, VLAN20 untagged)
but I can't get Internet access from either VLAN 20 or 40.
Am I missing some configuration step? Switch is SG300-28PP in L3 mode.
IPv4 routes have 0.0.0.0 listed with the router IP (101.11)
Solved! Go to Solution.
11-23-2021 11:48 PM
There is nothing missing here from the Switch side
The things missing on Internet Router NAT for the new IP address range, 192.168.20.X and 192.168.40.X
Please add these IP addresses in the Access List so they get access to internet,
Also if you do not like guest users to access VLAN1, make a Filters to deny access from 192.168.20, X and 192.168.40.X to 192.168.101.X
11-23-2021 11:48 PM
There is nothing missing here from the Switch side
The things missing on Internet Router NAT for the new IP address range, 192.168.20.X and 192.168.40.X
Please add these IP addresses in the Access List so they get access to internet,
Also if you do not like guest users to access VLAN1, make a Filters to deny access from 192.168.20, X and 192.168.40.X to 192.168.101.X
11-24-2021 12:36 AM
Thanks. Realized I've done this before.
Added VLANs and the 20.x and 40.x IPs on the router and all works now.
09-06-2023 02:18 AM
Hi i don't suppose you could post up your config? Thanks
09-06-2023 04:40 AM - edited 09-06-2023 04:41 AM
Hi David -- like Balaji mentioned above - nothing is wrong on the switch config. Each switch has the VLANs configured (or they're auto added anyway since the SFP ports carry all the VLANs. The config required was on the router to add the required VLAN/NATs... i.e. 192.168.40.11 as the routing address for VLAN40. So it will be NATed by the router to the internet.
Basically, my router needs an IP for the VLANs so that the switches can VLAN route if required or just send straight to the router on the specific VLAN/Router IP and go out to the internet.
09-06-2023 05:16 AM
every config is different, if you are having same issue, suggest to open a new thread giving more information of your issue, so can be handle easily
@Eugene Khoo cheers for the pitch in.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide