01-06-2015 04:04 AM
Hi,
I'm trying to setup an SG300-10 switch to route traffic between two VLAN's, but I don't get it to work properly. Here's my setup with which I'm testing this:
Both PC's are able to ping the IP-address of the switch in their own corresponding VLAN, but they are also able to ping the IP-address of the switch in the other VLAN. However, they are not able to ping each other, while I can ping both PCs from the CLI of the switch.
No Internet access is needed in this setup, so I don't have to create a default route on the switch, it's just these two hosts that need to communicate with each other.
Here's the config:
config-file-header
switch92d92d
v1.4.0.88 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 30,32
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
bonjour interface range vlan 1
hostname switch92d92d
ip telnet server
!
interface vlan 1
no ip address dhcp
shutdown
!
interface vlan 30
ip address 10.30.250.21 255.255.255.0
!
interface vlan 32
ip address 10.32.250.11 255.255.255.0
!
interface gigabitethernet1
switchport mode access
switchport access vlan 32
!
interface gigabitethernet2
switchport mode access
!
interface gigabitethernet3
switchport mode access
!
interface gigabitethernet4
switchport mode access
!
interface gigabitethernet5
switchport mode access
!
interface gigabitethernet6
switchport mode access
!
interface gigabitethernet7
switchport mode access
!
interface gigabitethernet8
switchport mode access
!
interface gigabitethernet9
switchport mode access
switchport access vlan 30
!
interface gigabitethernet10
switchport mode access
!
exit
01-06-2015 05:08 AM
Hi Basic-Fit,
This seems to be related to windows firewall so please try to disable Windows firewall and test.
Regards,
Aleksandra
01-06-2015 05:12 AM
Hi,
It's not related to the Windows firewall. It is disabled by a GPO on our network and I can ping both hosts if I connect them to the same VLAN.
Regards, Leo.
01-07-2015 07:14 AM
Hi Leo,
Can you do packet capture on both PC to see what is missing arp or ICMP?
Regards,
Aleksandra
01-07-2015 07:31 AM
Hi Aleksandra,
If it's ICMP related, that would mean that I should be able to use other protocols, but I'm not able to use SMB, HTTP and RDP either. ARP is layer 2 only, so I don't think it's ARP related either.
There must be something in the switch config that doesn't work properly.
01-07-2015 08:01 AM
Hi Leo,
Yes you are right for ARP if you can ping the other vlan interface thus default gateway ARP response has no issue. Since such a setup normally works and configuration is correct either it is something with the way it is tested or the devices used for testing. Unfortunately without packet capture I cannot say much more than that.
Regards,
Aleksandra
01-08-2015 05:32 AM
While building a new test setup to do packet captures, suddenly it worked. I don't know what I've done different this time, but my problem's solved now. Thanks for you effort.
Leo.
01-08-2015 06:02 AM
Great! Thank you Leo for feedback.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide