Buy or Renew
Buy or Renew
This forum will be in read-only mode June 18th - July 18th to improve post findability. Watch this post for updates
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
808
Views
0
Helpful
2
Replies

SG350 - Issue Routing Between VLANs

Go to solution
RossSnow41537
Level 1
Level 1

‎01-23-2021 01:23 PM

Hi All, I am a beginner here and looking for some help with intervlan routing using an SG320-10. 

 

I updated the switch to the latest firmware (2.5.5.47) and started with default configuration. 

 

I followed Cisco's video here (I only changed the vlan numbers and IPs slightly). The configuration from this video is just does not work. 

https://www.youtube.com/watch?v=xK5HmMlaIlg

 

Here is my config:

 

PC1  >>>  SG350  <<< PC2 (that's it, nothing else)

VLAN1: IP: 192.168.1.1/24   Ports 1,2,6,7,8,9

VLAN2: IP: 192.168.2.1/24   Ports 3,4

VLAN3: IP:192.168.3.1/24    Ports 5,10

 

VLAN2 DHCP Pool: 192.168.2.100 - 200  /24  Default Gateway (auto - gives out 192.168.2.1)

VLAN3 DHCP Pool: 192.168.3.100 - 200 /24  Default Gateway (auto - gives out 192.168.3.1)

 

Here are the results:

Connect PC1 to Port3 (VLAN2) - PC gets IP thru DHCP - 192.168.2.100 255.255.255.0 Default Gateway 192.168.2.1

Connect PC2 to Port5 (VLAN3) - PC gets IP thru DHCP - 192.168.3.100 255.255.255.0 Default Gateway 192.168.3.1

 

PC1 Ping Test (192.168.2.100)

>Ping 192.168.2.1 - Success. 

>Ping 192.168.3.1 - Success. (seems to be across vlans, right?)

>Ping 192.168.3.100 - Request Time Out

 

PC2 Ping Test (192.168.3.100)

>Ping 192.168.3.1 - Success

>Ping 192.168.2.1 - Success

>Ping 192.168.2.100 - Request Timed Out.

 

Move PCs to same VLAN. 

Move PC1 to port10(VLAN3) - PC gets IP thru DHCP - 192.168.3.101 255.255.255.0 Default Gateway 192.168.3.1

 

PC1 Ping Test Again (now 192.168.3.101)

Ping 192.168.3.1 - Success

Ping 192.168.2.1 - Request timed out. (Why? Because once there are no hosts remaining on VLAN2, the VLAN interface status changes to down. OK, that makes sense, sort of.)

Ping 192.168.3.100 - Success (Yep, so my PCs can ping each other - no firewall problems, unless is it possible that the firewall is blocking ICMP messages from different networks? I dont think so. That would be a first for me.)

 

 

Any help is appreciated!

 

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-23-2021 01:29 PM

If you were able to ping other VLAN Interface Looks Layer 3 routing working high level.

 

what kind of these devices windows PC, then Windows has default Firewall enabled, disable both the side and test and advise - before we dig deep in to other issues and solutions.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
2 Replies 2

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-23-2021 01:29 PM

If you were able to ping other VLAN Interface Looks Layer 3 routing working high level.

 

what kind of these devices windows PC, then Windows has default Firewall enabled, disable both the side and test and advise - before we dig deep in to other issues and solutions.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
RossSnow41537
Level 1
Level 1

‎01-24-2021 05:38 AM

Yes, Sir. You are correct. The issue was Windows firewalls. Once I turned off the firewalls, the PCs could ping each other.

 

I am surprised by this. I thought I was verifying the firewall was not blocking ICMP messages by testing ping on the same VLAN, but obviously there was an issue across the networks. 

0 Helpful
Customers Also Viewed These Support Documents