Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2078
Views
0
Helpful
5
Replies

VLAN help SG300

Go to solution
scott.trueblood
Level 1
Level 1

‎03-18-2015 08:43 AM

I've successfully setup a VLAN but....

 

 

From 192.168.1.x I can ping everything on 192.168.50.x

Inside of VLAN 50 ports 5&6 both the laptop and the nas server can talk to 192.168.50.1.

From 192.168.1.x I can access all of the 192.168.50.1 resources.

Inside VLAN 50 I can ping 192.168.50.1 but cannot access anything else inside the VLAN or out.

From the laptop 192.168.50.100 I cannot ping 192.168.50.50 (NAS) but I can ping the 192.168.50.1 gateway. I cannot ping any internet addresses.

New guy learning VLANS here. Any ideas why this is happening?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cchamorr
Level 5
Level 5
In response to scott.trueblood

‎03-20-2015 05:54 AM

Hello and thank you for the reply.

I apologize, I didn't knew what was the purpose of the configuration.

If what you are trying to do is configuring your network so the switch is doing the routing then these are the steps:

1- Set the switch on layer 3

2- Create the VLANs

3- Assign Ip addresses to all the VLANS.

4- So that all the VLANs can go out to the internet, you will need to create a default route on the switch. It should look something like this: 0.0.0.0 0.0.0.0 IP_address_of_router

5- On the router you need to create static routes for all VLAN's the router doesn't know about. When creating the static routes, make sure to send that traffic to the IP address of the switch on the same VLAN as the router.

6- Last, buy maybe the most important one step is to make sure that all the PC's are using the IP address of the switch as the default gateway for the VLAN they belong to.

Try this and let us know if it worked. Also, don't hesitate to ask ay questions if something wasn't clear enough.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
cchamorr
Level 5
Level 5

‎03-18-2015 02:29 PM

Hello, 

I'm sorry you are having issues with the device, but in order to help you we will need more information.

1- Do you have VLANS created on the RV180?

2- Is the SG300 on layer 2 or layer 3?

3- Whne you configured the VLANS on the switch, did you assigned Ip addresses to the VLANS on the switch or not?

Now, if we are talking about best practices, your configuration should look a little like this:

1- Create both VLANS on the RV180. By default all VLANS will pass trough all the ports on the router.

2- When you are creating the VLANS on the router you cn select to enable Inter-VLAN routing or not. Acording to your post you want to have that enabled.

3- Ideally the SG300 will be on layer 2 because the RV180 will be doing all the routing.

4- Create the VLANS on the SG300 with no IP addresses.

5- Configure the uplink port on the swithc connecting to the router as a Trunk with Vlan 1 (default) untagged and VLAN 50 tagged.

6- Configure the ports on the switch for every VLAN as (desired VLAN #) untagged

This is it, you should be able to ping and connect to everything on the network from either VLAN and you will also have internet access on both VLANS.

I hope this was helpful.Please let us know if you have any questions.

0 Helpful

Go to solution
scott.trueblood
Level 1
Level 1
In response to cchamorr

‎03-20-2015 05:32 AM

OK, I see what you are suggesting here but I'm trying to learn layer 3 VLAN switching.

So far I have gotten my config with everything working with one exception.

 

the default vlan 192.168.1.1 can get to the internet but the others can't

From the 50 VLAN I can poing 192.168.1.1 but I can't ping to the internet.

I did allow outbound any any for 192.168.50.x on the firewall (192.168.1.1)

 

Any suggestions?

0 Helpful

Go to solution
cchamorr
Level 5
Level 5
In response to scott.trueblood

‎03-20-2015 05:54 AM

Hello and thank you for the reply.

I apologize, I didn't knew what was the purpose of the configuration.

If what you are trying to do is configuring your network so the switch is doing the routing then these are the steps:

1- Set the switch on layer 3

2- Create the VLANs

3- Assign Ip addresses to all the VLANS.

4- So that all the VLANs can go out to the internet, you will need to create a default route on the switch. It should look something like this: 0.0.0.0 0.0.0.0 IP_address_of_router

5- On the router you need to create static routes for all VLAN's the router doesn't know about. When creating the static routes, make sure to send that traffic to the IP address of the switch on the same VLAN as the router.

6- Last, buy maybe the most important one step is to make sure that all the PC's are using the IP address of the switch as the default gateway for the VLAN they belong to.

Try this and let us know if it worked. Also, don't hesitate to ask ay questions if something wasn't clear enough.

0 Helpful

Go to solution
scott.trueblood
Level 1
Level 1
In response to cchamorr

‎03-20-2015 03:42 PM

Fantastic!!! The 0.0.0.0 route was the only thing I was missing.

 

So I do have one last question. You say best practices.....

How do I benefit doing this layer 2 as you suggest as opposed to doing it layer 3? My understanding is that layer 3 is more efficient than layer 2 unless that is wrong. I don't know.

If I was using a 3rd party firewall that doesn't have the Inter VLAN setting and does not support VLANS wouldn't I be suck going layer 3 to make all of this work?

0 Helpful

Go to solution
cchamorr
Level 5
Level 5
In response to scott.trueblood

‎03-20-2015 10:16 PM

Hello,

Im glad that you were able to get it to work.

In regards to your questions:

1- How do I benefit doing this layer 2 as you suggest as opposed to doing it layer 3? It depends on your configuration, the switch, even on layer 3 won't do NAT so it won't be able to take PC's out to the internet, which means that you have to do a lo more configuration than if you just use a router and the switches on layer 2.

2- My understanding is that layer 3 is more efficient than layer 2 unless that is wrong. I don't know. Again, this is not a "One size fits all" type of configuration, depending on the amount of traffic, you may want to keep the local traffic restricted to the switch, which usually is more powerful than the router and just send the internet traffic (more lightweight) to the router.

3-If I was using a 3rd party firewall that doesn't have the Inter VLAN setting and does not support VLANS wouldn't I be suck going layer 3 to make all of this work? Yes, if you have a router that is not VLAN capable, then you will definitely have to configure your switch on layer 3 to route the VLANS and only use the router as your Gateway to the internet.

I hope this was helpful.

Please remember to mark an answer as correct if it was helpful to you so that other members can benefit from it.

0 Helpful
Customers Also Viewed These Support Documents