Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3357
Views
0
Helpful
16
Replies

Can't access outside world from any VLAN

Joshua Schaeffer
Level 1
Level 1

‎03-05-2013 10:50 AM - edited ‎03-07-2019 12:04 PM

Hey Guys, very new to networking and looking for some help.  I've been trying to learn more about networking and am a hands on learner, so I bought an SG300 managed switch to setup my home lab.  I've setup several VLANs successfully (at least as far as I can tell), assigned all the ports on the switch to their respective VLANs, and have at least one server and/or workstation attached to each VLAN.  Below is the general layout of each VLAN and a diagram:

VLAN / DeviceIP Address / IP Range
Gateway Router10.1.8.1
SG-300 Managed Switch10.1.8.2
VLAN 100 (Default)10.1.8.0/24
VLAN 10 (Public)10.1.12.0/25
VLAN 11 (Public Data)10.1.12.64/26
VLAN 20 (Secure)10.1.11.0/24
VLAN 30 (Internal)10.1.10.0/25
VLAN 31 (Internal Server)10.1.10.32/27
VLAN 32 (Internal Client)10.1.10.64/26
VLAN 90 (WiFi and Print)10.1.15.0/24

networkDiagram.jpg

The gateway router and switch fall under VLAN 100, the default VLAN.  The problem i'm experiencing is I can't get to the internet from any of my VLANs except the default.  However, all interVLAN routing seems to be working successfully.  I've performed the following tests:

1.  I can ping the gateway of any VLAN from that VLAN

2.  I can ping the gateway of any VLAN from a different VLAN

3.  I can ping any server or workstation on the same VLAN (a.k.a. two servers under the same VLAN)

4.  I can ping any server or workstation on a different VLAN (a.k.a. two server each under a different VLAN)

5.  I can ping the switch (10.1.8.2) from any VLAN

6.  I can ping any gateway and any active server/workstation on any VLAN from the switch (10.1.8.2)

7.  I can not ping the gateway router (10.1.8.1) from any VLAN except 100

8.  I can not ping any gateway or active server/workstation from the gateway router (10.1.8.1) - however I just realized I didn't try pinging a server on the default VLAN from the gateway router.  I'm assuming this will work.

I also have not tried pinging the gateway router (10.1.8.1) from the switch (10.1.8.2).  I guess I could try these when I get home.

Where should I start looking to correct this problem?  And detailed steps/explanations would be appreciated, as, again, I am very new to all of this.  I also do not mind constructive criticism about my network layout.

Thanks,

Joshua

Labels:
0 Helpful
16 Replies 16

Joshua Schaeffer
Level 1
Level 1
In response to jhovik157

‎09-09-2014 09:07 PM

I really don't like that router, most of the configuration is not available to you, and talking to Comcast is a nightmare. I ended up buying a Cisco 1941 to have a proper router and switch. When I setup the 1941 and SG300 I still had a similar problem. It turned out it was related to NATing and setting up the correct access-list for each VLAN (I posted another thread for this problem: https://supportforums.cisco.com/comment/9887271). It could be that it really is the same problem with the Comcast router, but I was never able to figure it out with just the Comcast router.

Sorry I couldn't be more help.

Joshua

0 Helpful

jhovik157
Level 1
Level 1
In response to Joshua Schaeffer

‎09-10-2014 01:04 PM

 I agree the SMC router NAT is the issue and there is no way I can set it up properly so I will be using it in bridge mode only and will purchase an edge router to handle everything.

0 Helpful
Customers Also Viewed These Support Documents