03-18-2019 03:15 PM
I bought the SG-350 8 port to create VLAN's for my network. Connected no issues, updated Firmware (image_tesla_hybrid_2.4.5.71_release_cisco_signed) with no issues.
When I use the Wizard to create a VLAN, it gets to 67% and hangs. I have let this run for HOURS.
Bounce the system and started over.. Manually creating VLAN's with this device appears to be forward but for what ever reasons I an not able to get a VLAN to my gateway.
Port 1 Local LAN 172.16.32.0/22
Port 3 VLAN33 192.168.33.0/24
Port 4 VLAN34 192.168.34.0/24
I'm fairly consistent with testing and reloading but I get different results each time. One time the VLANS can fully see each other, never see the gateway. IPCONFIG, setup with 192.168.33.1 (VLAN33) and 192.168.34.1 (VLAN34) sometimes the system inside the VLAN .10 can see it some times it can't.
I'm just very frustrated and it should not be this difficult.
Solved! Go to Solution.
03-19-2019 08:21 AM
add these routes
ip route 192.168.34.0 255.255.255.0 172.16.32.2
ip route 192.168.33.0 255.255.255.0 172.16.32.2
Errors << the commands above, need run on your firewall, not in your switch. If you apply it on FIREWALL, i suppose that it will works well.
Gateway cannot be one of the address configured on this device
03-18-2019 04:31 PM
03-19-2019 04:16 AM
Thanks for the Response...
switch8fbc6b#show running-config
config-file-header
switch8fbc6b
v2.4.5.71 / RTESLA2.4.5_930_181_144
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 33-34
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch8fbc6b
no passwords complexity enable
username
ip ssh server
ip ssh password-auth
!
interface vlan 33
name "VLAN33"
ip address 192.168.33.1 255.255.255.0
!
interface vlan 34
name "VLAN34"
ip address 192.168.34.1 255.255.255.0
!
interface GigabitEthernet1
description "LAN Uplink"
switchport mode trunk
!
interface GigabitEthernet3
description "VLAN33"
switchport access vlan 33
!
interface GigabitEthernet4
description "VLAN34"
switchport access vlan 34
!
interface GigabitEthernet10
description "LAN WKS"
!
exit
03-19-2019 05:33 AM
Your configuration is very simple, please, provide output below;
show ip route
show spanning-tree
and run this command below
sw(config)#: ip routing
Thanks in advance.
03-19-2019 05:45 AM
switch8fbc6b#show ip route
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static
D 0.0.0.0/0 [1/8] via 172.16.32.1, 00:06:13, vlan 1
C 172.16.32.0/22 is directly connected, vlan 1
C 192.168.33.0/24 is directly connected, vlan 33
C 192.168.34.0/24 is directly connected, vlan 34
switch8fbc6b#show spanning-tree
Spanning tree enabled mode RSTP
Default port cost method: long
Loopback guard: Disabled
Root ID Priority 32768
Address a8:b4:56:8f:bc:6b
This switch is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Number of topology changes 0 last change occurred 00:00:00 ago
Times: hold 1, topology change 35, notification 2
hello 2, max age 20, forward delay 15
Interfaces
Name State Prio.Nbr Cost Sts Role PortFast Type
--------- -------- --------- -------- ------ ---- -------- -----------------
gi1 enabled 128.1 20000 Frw Desg Yes P2P (RSTP)
gi2 enabled 128.2 2000000 Dsbl Dsbl No -
gi3 enabled 128.3 20000 Frw Desg Yes P2P (RSTP)
gi4 enabled 128.4 20000 Frw Desg Yes P2P (RSTP)
gi5 enabled 128.5 2000000 Dsbl Dsbl No -
gi6 enabled 128.6 2000000 Dsbl Dsbl No -
gi7 enabled 128.7 2000000 Dsbl Dsbl No -
gi8 enabled 128.8 2000000 Dsbl Dsbl No -
gi9 enabled 128.9 2000000 Dsbl Dsbl No -
gi10 enabled 128.10 20000 Frw Desg Yes P2P (RSTP)
Po1 enabled 128.1000 20000 Dsbl Dsbl No -
Po2 enabled 128.1001 20000 Dsbl Dsbl No -
Po3 enabled 128.1002 20000 Dsbl Dsbl No -
Po4 enabled 128.1003 20000 Dsbl Dsbl No -
Po5 enabled 128.1004 20000 Dsbl Dsbl No -
Po6 enabled 128.1005 20000 Dsbl Dsbl No -
Po7 enabled 128.1006 20000 Dsbl Dsbl No -
Po8 enabled 128.1007 20000 Dsbl Dsbl No -
03-19-2019 06:22 AM
Jaderson
Thanks for taking the time to review, just a little more background. I'm new to VLAN's (As if it's not obvious). I'm am however computer literate, just for whatever reason I'm struggling here. Not Networking Strong.
Current Environment (home)
3 Switches, the SG-350 is an end point with 3 devices hanging off for setup and testing (Or Lack of)
My Local LAN is connected to Port 1, NO VLAN setup anywhere in this subnet (172.16.32.0/22)
Main Switch (HP) Connected to Firewall 172.16.32.1 (IPFIRE), then connected to ISP Router. At some point the SG-350 will become the main switch.
My Goal is to establish VLANS for IoT to segregate these from my home network to include a separate VLAN for Cameras, Sensors and WiFi.
Hope this helps with what I'm wanting to do.
03-19-2019 06:37 AM
03-19-2019 07:07 AM
Yes, the VLAN's can't see anything outside of the VLAN nor can they see the gateway.
03-19-2019 07:43 AM
Ok, lest go solve your problem.
C 192.168.33.0/24 is directly connected, vlan 33
C 192.168.34.0/24 is directly connected, vlan 34
I think that vlans 33 and 34 has ip address configured properly. So, you can ping these vlan from switch itself?
Like, if ip address of vlan 33 is 192.168.33.1 255.255.255.0 < and you do: ping 192.168.33.1 from swtich itself, its good, right?
and if you do: ping 192.168.34.1 source 192.168.33.1 from switch itself, its right too, i think.
If all test above are right, please, do next step below;
input a laptop/desktop on one port of this switch and insert this port on vlan 33
interfafce g0/10
switchport access vlan 33
switchport mode access
on laptop/desktop, configure manually ip address for test.
IP: 192.168.33.10 (check this ip is available)
MASK: 255.255.255.0
GATEWAY: 192.168.33.1
ping on both gateways (192.168.33.1 and 192.168.34.1) and input results here.
Thanks in advance
03-19-2019 07:49 AM
Port 1 = VLAN1 (Default) IP 172.16.32.2 TRUCK
Port 3 = VLAN33 IP= 192.168.33.1 Computer = 192.168.33.10/24 Gateway 192.168.33.1
Port 4 = VLAN34 IP= 192.168.34.1 Computer = 192.168.34.10/24 Gateway 192.168.34.1
Port 10 = VLAN 1 No Port IP, Computer IP 172.16.32.55
Computer 192.168.33.10 Can Ping 192.168.34.1, 192.168.34.10, 172.16.32.2
Can't ping anything on the 172.16.32.1/22 except the switch port 172.16.32.2
03-19-2019 07:56 AM - edited 03-19-2019 08:01 AM
Great,
The post below, is the gateway of this network or the gateway of this network is your firewall? If is your firewall you need create a route back on it.
VLAN1 (Default) IP 172.16.32.2 TRUCK (this is a point to point with your firewall right?)
ON YOUR DEVICE THAT HAVE THIS ADDRESS 172.16.32.1
add these routes
ip route 192.168.34.0 255.255.255.0 172.16.32.2
ip route 192.168.33.0 255.255.255.0 172.16.32.2
Port 1 = VLAN1 (Default) IP 172.16.32.2 TRUCK > show interfaces trunk < post here please.
Port 3 = VLAN33 IP= 192.168.33.1 Computer = 192.168.33.10/24 Gateway 192.168.33.1
Port 4 = VLAN34 IP= 192.168.34.1 Computer = 192.168.34.10/24 Gateway 192.168.34.1
Port 10 = VLAN 1 No Port IP, Computer IP 172.16.32.55
Computer 192.168.33.10 Can Ping 192.168.34.1, 192.168.34.10, 172.16.32.2 << great
Can't ping anything on the 172.16.32.1/22 except the switch port 172.16.32.2 << it is assuming that you was test, ping 172.16.32.1 source 172.16.32.2 from switch it self and you have sucessfully?
03-19-2019 08:07 AM
Port 1 = VLAN1 (Default) IP 172.16.32.2 TRUCK > show interfaces trunk < post here please.
show interfaces truck errored "%bad parameter value"
switch8fbc6b#show interfaces switchport gi1
Gathering information...
S-VLAN Ethernet Type: 0x8100 (802.1q)
Name: gi1
Switchport: enable
Administrative Mode: trunk
Operational Mode: up
Access Mode VLAN: 1
Access Multicast TV VLAN: none
Trunking Native Mode VLAN: 1
Trunking VLANs: 1,33-34
2-32,35-4094 (Inactive)
General PVID: 1
General VLANs: none
General Egress Tagged VLANs: none
General Forbidden VLANs: none
General Ingress Filtering: enabled
General Acceptable Frame Type: all
General GVRP status: disabled
Customer Mode VLAN: none
Customer Multicast TV VLANs: none
Private-vlan promiscuous-association primary VLAN: none
Private-vlan promiscuous-association Secondary VLANs: none
Private-vlan host-association primary VLAN: none
Private-vlan host-association Secondary VLAN: none
VLAN Mapping Tunnel - no resources
VLAN Mapping One-To-One - no resources
Classification rules:
Classification type Group ID VLAN ID
------------------- -------- -------
switch8fbc6b#
Port 3 = VLAN33 IP= 192.168.33.1 Computer = 192.168.33.10/24 Gateway 192.168.33.1
Port 4 = VLAN34 IP= 192.168.34.1 Computer = 192.168.34.10/24 Gateway 192.168.34.1
Port 10 = VLAN 1 No Port IP, Computer IP 172.16.32.55
Computer 192.168.33.10 Can Ping 192.168.34.1, 192.168.34.10, 172.16.32.2 << great
Can't ping anything on the 172.16.32.1/22 except the switch port 172.16.32.2 << it is assuming that you was test, ping 172.16.32.1 source 172.16.32.2 from switch it self and you have sucessfully?
ping Counters and Status
Number of Sent Packets:
3
Number of Received Packets:
3
Packet Loss:
0 %
Minimum Round Trip Time:
0 ms
Maximum Round Trip Time:
0 ms
Average Round Trip Time:
0 ms
Status:
Success
03-19-2019 08:12 AM
VLAN1 (Default) IP 172.16.32.2 TRUCK (this is a point to point with your firewall right?)
Runs thru another dumb switch at this point. but the Firewall is configured as 172.16.32.1
ON YOUR DEVICE THAT HAVE THIS ADDRESS 172.16.32.1
add these routes
ip route 192.168.34.0 255.255.255.0 172.16.32.2
ip route 192.168.33.0 255.255.255.0 172.16.32.2
Errors
Gateway cannot be one of the address configured on this device
03-19-2019 08:15 AM
Jaderson
I hate to do this, but I have to leave for a few hours, at the point I think we are making progress. Sorry but have to do it. I will be back later and review any suggestions. Again, thanks for your help.
03-19-2019 08:21 AM
add these routes
ip route 192.168.34.0 255.255.255.0 172.16.32.2
ip route 192.168.33.0 255.255.255.0 172.16.32.2
Errors << the commands above, need run on your firewall, not in your switch. If you apply it on FIREWALL, i suppose that it will works well.
Gateway cannot be one of the address configured on this device
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide