08-26-2016 02:54 AM - edited 03-10-2019 01:10 PM
I have a typical scenario as attached. Here my VLAN1 can cross the Cyberoam, but the rest of the VLANs cannot cross the Cyberoam for internet and other WAN communication. Please help.
I have also configured the default gateway on my core switch (which is in L3 mode) as 10.0.7.1, which is an IP of my Cyberoam.
All my VLANs are across the switches and have no problem with inter-VLAN communication. Suitable trunk/tagged/untagged type of port configuration seems to be OK.
Waiting for early response. Please let me know if any more inputs are required.
Thanks and regards,
Jayesh Trivedi
08-26-2016 05:18 AM
The issue lies with your firewall. You are probably hitting an explicit deny rule because it doesn't have a match for your other VLANs to allow traffic out.
The reason you DO have inter-VLAN routing is because the SG300 is doing the routing and not the firewall.
Please rate useful posts and mark answers as correct if applicable.
08-26-2016 05:44 AM
Hello
You probably require NAT to allow your LAN subnets to access the internet.
Do you have a FW or RTR between the L3 switch and the internet that can perform this for you?
Looking at your topology, I doubt your current L3 switch would be applicable to support NAT.
res
Paul