01-17-2014 03:48 PM - edited 03-07-2019 05:38 PM
Hi, I need some help setting up VLAN on SG300 switch.
Here's the topology:
SG300 switch (VLAN1, and VLAN200)
|
|
ASA 5510 firewall
|
|
ISP router
VLAN 1 - Interface IP: 192.168.1.5
VLAN 200 - Interface IP: 10.10.10.254
ASA 5510 - 192.168.1.253
Static route has been added on ASA 5510 and SG300
ASA 5510
S 10.10.10.0 255.255.255.0 [5/0] via 192.168.1.5, inside
SG300
S 0.0.0.0/0 [1/1] via 192.168.1.253, 16:25:47, vlan 1
C 10.10.10.0/24 is directly connected, vlan 200
C 192.168.1.0/24 is directly connected, vlan 1
On the SG300, I have 1 port for VLAN 200 as an access port, VLAN 200 untagged, VLAN1 tagged.
I have one PC connected to VLAN 200, ip address: 10.10.10.10
Here's what I have so far:
- I can ping to the PC in VLAN 200 from any workstation in VLAN 1
- I can ping from the PC (10.10.10.10) in VLAN 200 to any workstation in VLAN 1
- I can browse the Internet by using Google DNS 8.8.8.8
The problem:
- I cannot get any data between the VLANs. I have an HTTP webserver on VLAN 1, and I cannot get to it from VLAN 200. I cannot get to my DNS server in VLAN 1. I cannot access any workstation from VLAN 1 either.
The fact that I can ping from the PC in VLAN 200 to PCs in VLAN 1 and vice versa indicates that the traffic is being routed through the VLANs. But it is just very confusing that I'm unable to get any data across.
Any help would be very much appreciated!! Thanks in advance!!
01-20-2014 05:57 PM
I'd just like to add:
I have added an ACL to permit all traffic from any IP to any IP, and bound the ACL to both the VLAN and the port.
I'm trying to send traffic across the VLANs, from VLAN 200 to VLAN 1 and vice versa. But I'm still only able to get pings across; no other IP traffic can be sent across.
01-21-2014 01:06 PM
I'm attaching some screenshots here. Please help me out if you have any ideas/clues on my issue. Thanks!
Port# 7 is set to access port for VLAN 200
VLAN 1 setting:
VLAN 200 setting:
IP interface config:
Routes on SG300:
I'm not sure if it's the ACL preventing access, so I'm setting it to permit all from any ip to any ip:
Bind ACL to VLAN:
Bind ACL to port# 7
Static route on my firewall ASA 5510:
Ping results from a host in VLAN 1 to VLAN 200 (from 192.168.1.40 to 10.10.10.10). I get the same results vice versa.
SG300 current version (I believe it's the latest version as of now 1/21/14)
07-21-2015 05:58 AM
Did this ever get fixed?