Thank you for responding :). Yes it is in L3 mode (first thing i did).

I have read somewhere about assigning the switch a default-gateway however I can't see it in the web UI anywhere, would this make a difference?

any update on this? 

i had to use the cli for gateway settings on my sg500's, assuming your gateway is also handling external DNS (and ensure you backup config first!)

yourSwitch#configure terminal

yourSwitch(config)#ip default-gateway 192.168.1.254

yourSwitch(config)#ip name-server 192.168.1.254

yourSwitch(config)#ip routing

yourSwitch(config)#exit

yourSwitch#copy running-config startup-config

ip routing is a vital step. probably going to need a reboot!

Hello everyone,

Sorry for the lack of update. Another project came up which I had to concentrate on. So now I am back to this.I will certainly try this to see if this works.

I will also be needing to buy a router for a new site so will try the other solution as well

Having just had a chance to work on this, it doesn't seem to make a difference.

It does look like the route back on the router is the key issue here.

Just for reference, the second vlan is now at 192.168.2.1 with a route to 0.0.0.0 and this is set to route to 192.168.1.254.

I will need to look at getting a router we control so that i can bridge it with the ISP controlled router.

Thank you for responding :)

Ah ok, so some changes do need to be made on the router. I had read a few articles pointing towards this but was hoping it could be done on the switch.

As we have no control over the ISP router (the ISP manages it and won't allow me access), would it be a sensible or achievable thing to have an access point / router between the switch and the ISP provided one. So...

ISP Router (Managed by ISP)

|

|

Internal router (passing internet traffic to ISP router)
With internal routing for inter-vlan comms and internet traffic.

|

|

Switch, network, good stuff.

It would seem sensible to be able to make these changes on something under our control so if we need any changes done, we do not need to wait hours for it to be actioned (plus if it is slightly wrong we can action it straight away). If this is a viable solution, lots of people mention a sonic wall in their articles (which i will look up) but as the internal router is not needing to be anything hugely special (small business), is there anything i should look for before purchasing or even some recommendations. (Read lots of articles with many running a RV042?)

Again, thanks for all your help.

I can't think of any way around this.  The ISP router will need a return route to be able to get back to your 10.0.10.0/24 network.  I suppose a more advanced L3 switch using a routing protocol might work if the ISP router could be set to use the routing protocol, but realistically what I would recommend is to use your own firewall/router and the ISP put their box in bridged mode.  This way you have full control of your network.

How many users and how much throughput do you need?  Cisco Meraki has some really nice gear that would do the trick.

At the moment we are looking at around 25 - 30 users. Large majority of those will be on WiFi just due to portability. A couple of vlans to separate off certain department machines and at least one shared vlan for printers and other common equipment.

I think so long as we can put our own router / firewall in the middle and have full control over it, that suites fine. I loath having to contact the ISP everytime i need a port opening or an IP reserving.

I'll have a chat to the ISP to make sure they can provide what we need and then it's back to the purchasing board.

Thank you so much for your help

Check out Cisco Meraki MX64.  It is a great value for that size and has a lot of nice features you should appreciate.  Good luck.

Thanks for the response. I will soon be giving this a go so will let you know how it all proceeds.