Re: Problem with SGE2010 and VLAN Routing

DCV-Technik · ‎01-14-2011

Hi

I have a routing problem with my SGE2010. My konfiguration:

1. Firewall

eth0 extern - VLAN 100

eth1 intern - 10.100.0.2 /17 VLAN 150

eth2 dmz - 10.100.128.2 /24 VLAN 200

eth3 iscsi - 172.160.100.2 /24 VLAN 800

2. SGE2010

The SGE2010 is running at the Layer 3 mode.

VLAN konfig.: Static, Port to VLAN (Untagged)

VLAN 100 Port 1-3 no IP Adress

VLAN 150 Port 4-18 10.100.0.1 /17

VLAN 200 Port 19-23 10.100.128.1 /24

VLAN 300 Port 25-30 10.100.1.1 /24

VLAN 400 Port 31-35 10.100.2.1/24

VLAN 500 Port 36-38 10.100.3.1/24

VLAN 800 Port 39-43 172.160.100.1

I connect the FW and the SGE2010:

FW eth0 ------- SGE2010 Port 1

FW eth1 ------- SGE2010 Port 4

FW eth2 ------- SGE2010 Port 19

FW eth3 ------- SGE2010 Port 39

ISP is connect at Port 2

The VLAN 200 and 800 work fine (if I use a IP from the VLAN Subnet and the GW 10.100.128.2 (VLAN 200), 172.160.100.2 (VLAN 800)

The VLAN 150 work, if I use a IP 10.00.0.XX with the GW 10.100.0.2

The VLAN 200, 300, 400 and 500 work only "inside". It is possible to get e connection to the Switch (webadmin 10.100.0.1) but i cannot connect to the FW or the Internet.

I try a static Route without succsess:

Dest. IP: 10.100.0.0; /17 Next Hop 10.100.0.2

Any suggestion are welcome :-)

Best regards,

Gerhard

Jo Kern · ‎01-17-2011

one thing is that you need a Default Gateway on the switch for the VLANs not connected directly to the outside

Static Route 0.0.0.0 /0 Next Hop 'ip address of FW"

and that means you have to assign an ipaddress to VLAN 100 also