Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
701
Views
0
Helpful
1
Replies

SG300-10 RV325 WAP371 VLAN Internet

Kyle9091
Level 1
Level 1

‎12-05-2018 01:01 AM - edited ‎12-05-2018 11:37 AM

Recently moved to a new place with fiber/dsl. I previously had my RV325/WAP371 working fine, with the AP on a different subnet. Right now I have the RV325 in the basement routing to the ports in each of the rooms. That works fantastic. I added a SG300 to hopefully allow an extra route so the AP doesn't have to be located down below. Current setup is:

 

RV325: VLAN1 192.168.0.1 (goes to upstairs "office" port)

   subnet: VLAN 10 house: 192.168.2.1

               VLAN 15 media-room: 192.168.3.1

 

SG300: 192.168.0.5

   VLAN 21 WAP 192.168.1.1, DHCP network pool 192.168.1.100-192.168.1.150

 

WAP371: 192.158.0.21

 

In my office room, the router serves up 192.168.0.x from the wall. The SG300 is plugged into that, then the WAP371 is plugged into the switch (GE8).

 

I've enabled access membership to SG300 VLAN21/GE8, it serves up ip's in 192.168.1.100+ all day long.

 

On the SG300, there is a static route of 0.0.0.0/0 192.168.0.1 (router).    

 

On the RV325 there is a static route of 192.168.1.0 to gateway 192.168.0.5 (switch).

 

If I plug a pc into any other port on the switch, Internet connection is fine. Once I go to the GE8 192.168.1.x port I can't get outside. Anything within 192.168.1.x, (using the AP as a device), can ping each other. But can't get to 8.8.8.8 or whatever.

 

I've read through the myriad of forums but can't get anywhere. While this has been a great educational experience, I'd like to stick a fork in this project. I feel like I'm missing just a thing or 2, perhaps someone can shed some light, many thanks.

 

Kyle

 

SG300-10 config below, please let me know what other details would help:

 

config-file-header
switch2fc0f4
v1.4.9.4 / R800_NIK_1_4_205_011
CLI v1.0
set system mode router

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end ***
!
vlan database
vlan 21
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp server
ip dhcp pool network wap
address low 192.168.1.100 high 192.168.1.150 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8
exit
bonjour interface range vlan 1
hostname switch2fc0f4
no passwords complexity enable
username cisco password encrypted***
clock timezone " " -8
clock summer-time web recurring usa
clock source sntp
clock source browser
sntp unicast client enable
sntp unicast client poll
sntp server 128.138.141.172
sntp server time.nist.gov
ip telnet server
!
interface vlan 1
ip address 192.168.0.5 255.255.255.0
no ip address dhcp
!
interface vlan 21
name WAP
ip address 192.168.1.1 255.255.255.0
!
interface gigabitethernet8
switchport mode access
switchport access vlan 21
!
exit
ip default-gateway 192.168.0.1

Labels:
0 Helpful
1 Reply 1

Kyle9091
Level 1
Level 1

‎12-07-2018 09:11 PM

Update:

 

Was able to solve this at last. Turned out the RV325 firewall was blocking the requests from the 192.168.1.x net. Odd thing was, there was nothing in the log showing blocks, despite having all the flags set. Posting the latest switch config in case it's useful:

 

config-file-header
switch-m
v1.4.9.4 / R800_NIK_1_4_205_011
CLI v1.0
set system mode router

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 21
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp server
ip dhcp pool network wap
address low 192.168.1.200 high 192.168.1.250 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8
exit
bonjour interface range vlan 1
hostname switch-m
logging buffered debugging
logging file debugging
no passwords complexity enable
passwords aging 0
username cisco password encrypted *** privilege 15
clock timezone " " -8
clock summer-time web recurring usa
clock source sntp
clock source browser
sntp unicast client enable
sntp unicast client poll
sntp server 128.138.141.172
sntp server time.nist.gov
ip name-server 8.8.8.8 8.8.4.4
ip telnet server
!
interface vlan 1
ip address 192.168.0.5 255.255.255.0
no ip address dhcp
!
interface vlan 21
name WAP
ip address 192.168.1.1 255.255.255.0
!
interface gigabitethernet8
switchport trunk native vlan 21
!
exit
ip default-gateway 192.168.0.1

0 Helpful
Customers Also Viewed These Support Documents