VLANs, DHCP Relay and Windows Server 2008 - Inter-VLAN routing OK but no Internet

spqritmtl
Level 1

Hello,
I've purchased a Cisco SG500X 48-Ports+4 10GBe in order
to create 2 or more VLANs. The goal is to have separated
LANs for VMware and Windows Server, all together
on the same physical network.
I've created 3 VLANs so far. The default one, VLAN1 (192.168.10.1),
has the Netgear Router (192.168.10.1) and my main Windows Server 2008
(192.168.10.2) as untagged members.
The second one, VLAN10 (192.168.11.1), has two computers
and a wireless AP as untagged members.
IPv4 routes have been added to the Cisco switch for the VLANs, as well as on
the Netgear router's side.
I setup DHCP relay so VLAN10 can get its IP address
from Windows Server (I setup a 2nd scope for range
192.168.11.0).
I can ping within the two VLANs, I can even access
mapped drives from PCs having 192.168.11.x as IP address
and the opposite (from 192.168.10.x to 192.168.11.x).
Problem is that there is no Internet on
all PCs from VLAN10 (192.168.11.x scope).
I have to say that I've followed all the steps
needed to make this work from several documents online.
I don't know where to start checking from: is there something
missing on Windows Server side, Router side or Switch side?
A little help will be much appreciated.
I can send the Cisco switch's config file if needed.
Thanks very much,

5 Replies

Lee Cox
Level 2

I have an SG300-28 switch running and I was looking at your config. I believe one of your problems is that your VLAN1 (192.168.10.1) and your Netgear router (192.168.10.1) have the same IP. I like to use 254 for all my VLAN IPs so I would use 192.168.10.254 for my VLAN IP.

All workstations need to use the VLAN IP for their default gateway. So the default gateway for VLAN1 would be 192.168.10.254 and the default gateway for PCs on VLAN10 would be 192.168.11.254. You could use 192.168.11.1 for VLAN10 since there is no conflict, but I like to keep everything consistent.

The Netgear router will require static routes pointing back to the layer 3 switch. Since the physical connection is VLAN1, you will only need static routes for networks not attached, like VLAN10, so you would point to 192.168.10.254 for the static route for VLAN10.

You also need a default route on the layer 3 switch pointing to the router 192.168.10.1.

Thanks Lee for your quick answer!

As a matter of fact, my default VLAN, VLAN1, is set up on my Cisco SG500X layer 3 router, whose default IP address is 192.168.10.10. I don't see any conflict between VLAN1 & 10. I took a look at the config file and realized that the IP route is 192.168.10.1 for both VLANs. Is that right? Or should it be 192.168.10.10 (L3 router)? One thing I've done though is to delete the route on my Netgear router for VLAN1 as you requested. No changes... I still don't have internet on PCs assigned to VLAN10. I've attached the config file so you can take a look and tell me if there is something else to change. Thanks again in advance,

What is your Netgear router IP address? It has the same IP as the VLAN1 in the original post. Check original post. If I know your router IP I can give more specifics.

The static routes on the router need to point to the layer 3 switch's connected Ethernet port IP address.

The default route on the layer 3 switch points to the router's IP address.

The router needs to be a member of whatever VLAN it is plugged into. Also the router should be plugged into an access port, not a trunked port.

Netgear Router: 192.168.10.1

Cisco SG500X Switch: 192.168.10.10

VLAN1: 192.168.10.x

VLAN10: 192.168.11.x

Cisco on VLAN10: 192.168.11.1 (default gateway for that VLAN)

Router port is plugged into a trunked member port of VLAN1. I'll change it to access port.

BTW, what is the difference between ACCESS and TRUNK? Is TRUNK for switch inter-connection and ACCESS for direct connection?

Thanks again,

You want to use an access port because your layer 3 switch is doing the routing. If the Netgear router was doing the routing then you would use a trunk port. You should not have the VLANs defined on the Netgear router, just an IP address for the router which matches the VLAN network that it is plugged into on the layer 3 switch. Use DHCP on the layer 3 switch or a server.
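
The two route checks discussed in this thread (a default route on the layer 3 switch towards the router, and a static route on the router back to the switch for VLAN10), as an added example that is not part of the original posts or anyone's real config. It models the address plan given above; the client address 192.168.11.50, the remote address 203.0.113.7 and all function names are constructed for illustration.

```python
import ipaddress as ip

# Constructed model of the thread's address plan (not the poster's real config):
# Netgear router 192.168.10.1, SG500X 192.168.10.10 (VLAN1) / 192.168.11.1 (VLAN10).
def build(router_has_vlan10_route, switch_has_default):
    switch = {"192.168.10.0/24": "direct", "192.168.11.0/24": "direct"}
    if switch_has_default:
        switch["0.0.0.0/0"] = "192.168.10.1"         # default route -> router
    router = {"192.168.10.0/24": "direct", "0.0.0.0/0": "wan"}
    if router_has_vlan10_route:
        router["192.168.11.0/24"] = "192.168.10.10"  # static route -> L3 switch
    return {"switch": {"addrs": {"192.168.10.10", "192.168.11.1"}, "routes": switch},
            "router": {"addrs": {"192.168.10.1"}, "routes": router}}

def next_hop(routes, dst):
    """Longest-prefix match: next-hop IP, 'direct', 'wan', or None if no route."""
    hits = [(ip.ip_network(n), hop) for n, hop in routes.items()
            if ip.ip_address(dst) in ip.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(devices, start, dst, max_hops=8):
    """Follow next hops from device `start`; return (devices crossed, outcome)."""
    path, dev = [start], start
    for _ in range(max_hops):
        hop = next_hop(devices[dev]["routes"], dst)
        if hop is None:
            return path, "no route"
        if hop in ("direct", "wan"):
            return path, hop
        dev = next((d for d, v in devices.items() if hop in v["addrs"]), None)
        if dev is None:
            return path, "next hop unreachable"
        path.append(dev)
    return path, "loop"

def internet_ok(devices, client="192.168.11.50", remote="203.0.113.7"):
    """VLAN10 client (gateway = switch) needs a path out AND a path back."""
    out = trace(devices, "switch", remote)    # request: switch -> router -> WAN
    back = trace(devices, "router", client)   # reply: router -> switch -> VLAN10
    ok = out == (["switch", "router"], "wan") and back == (["router", "switch"], "direct")
    return ok, out, back

if __name__ == "__main__":
    for r, s in [(True, True), (False, True), (True, False)]:
        print(f"router route={r} switch default={s}:", internet_ok(build(r, s)))
```

Without the router's static route, the reply for a VLAN10 client matches only the router's default route and leaves via the WAN side, which is why inter-VLAN traffic can work while Internet access from VLAN10 does not.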