03-21-2019 07:21 AM
Would appreciate if someone could help me get my home lab VM to connect to the internet. I've read many discussion from others and did the same but there's something missing I can't out. VLAN internal routing is working as expected and i"m able to ping between vlan. I attached all my settings in the attached. Thanks for helping!
1. Verizon Fios ISP connected to my Linksys AC1900 router (dd-wrt firmware). Router IP is 192.168.1.1 and providing DHCP to clients.
2. Linksys router is connected to my SG300-20 on port 20. SG300-20 interface IP is 192.168.1.2
3. Created Vlan 2 - Vlan 10 on SG300-20. All VLAN are tagged on ports 2-19 on sg300.
4. Created Vlan IP for each Vlan and port Vlan.
5. All ports on SG300-20 configured as trunk
6. All VLAN are member of port 2 - 19 on sg300-20
7.Created a static route to 0.0.0.0 and next hop is 192.168.1.1 (my linksys)
8. Created static route from my Linksys router back to all VLAN on SG300-20 switch with gateway of 192.168.1.2
I had to laptops configured with static IP for different vlan and plug them to the my cisco sg300 switch. Both laptop can communicate just fine and was able to ping their subnet gateway as well as the gateway on Linksys (192.168.1.1). However I'm not able to get to the internet. If I change the laptop to VLAN1, Internet works fine.
laptop1
192.168.2.100
255.255.255.0
192.168.2.1
laptop2
192.168.3.100
255.255.255.0
192.168.3.1
03-21-2019 07:26 AM
Hi there,
If a device in any VLAN can reach the Linksys router inside address (192.168.1.1) then inter-VLAN routing is fine.
The next stone to turn would be the NAT setting on the Linksys. I'd wager that it is currently only NAT'ing/ permitting traffic from VLAN1 (192.168.1.0/24)
cheers,
Seb.
03-21-2019 07:50 AM
Hi Seb, thanks for a quick response. That was the last thing I was going to try but when I go to my Linksys router under NAT/Qos I just don't see the NAT feature. It has port forwarding only. Are you familiar with dd-wrt and would kindly show me how to do the Natting?
03-21-2019 08:35 AM
I had a look at the dd-wrt site, but it only talks about bridging the ports on the back of the router to the WAN port:
...but that doesn't fit your requirement. Since it uses iptables, it should be a case of setting up masquerading. It has been a long time since I looked at iptables but I have come up with (eth0 is the WAN, eth1 and eth2 are internal interfaces. I guess you could change these to VLAN inteface names?):
iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
...no guarantees that will work. Infact I am not sure where you would enter it on dd-wrt. Does it have a CLI??
cheers,
Seb.
03-21-2019 07:38 AM
Hello,
All other vlan's are allowed on NAT configuration on your LINKSYS?
Setting up NAT on Linksys: https://forums.techguy.org/threads/setting-up-nat-on-a-linksys-router.473494/
03-21-2019 07:53 AM
Thanks Jaderson. I don't think other vlans are NAT. The only thing I did was created static route back to my home lab vlan. I'm trying to figure out how to do the natting on linksys dd-wrt. I will look at the link you provide and try.
Thanks,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide