SG300 VLAN routing

nicholasp1 · ‎03-08-2014

Hi There, I have a SG300-10MP, running in L3 Mode. connected to a ddwrt modem/router (to be replaced in the near future) 192.168.32.1
latest firmware, & 3x Networks
I am having issues routing between the VLANs and connecting to the Internet (or even the Router)
I am using both CLI and GUI and have been trying for a couple of days and feel as though I am constantly missing something simple.
What I want is to be able to access the Web from either VLAN and to be able to connect between the VLANs if required. I want to have as much of the setup on the SG300, so I can change the modem out with other models quickly.
I am running the SG300 as a DHCP server,
VLAN 20 is for PRI users (ports 1-4)
VLAN 30 is for SEC users (ports 5-8)
VLAN 40 is for the connection to the router. (port 10)
I can ping hosts on all 3 networks directly from the SG300, and I can Ping the SG300 interface address from other devices, (even across VLAN) but no device to device) (no firewalls etc as proven by the router to device ping)
I have tried ARP proxy ON and OFF with no change

any suggestions are appreciated.

Thank you in advance,

TESTSWITCH#show run
config-file-header
TESTSWITCH
v1.3.7.18 / R750_NIK_1_35_647_358
CLI v1.0
set system mode router

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 20,30,40
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp server
ip dhcp pool network PRI
address low 192.168.20.2 high 192.168.20.249 255.255.255.0
lease 5
domain-name PRI
dns-server 8.8.8.8
exit
ip dhcp pool network SEC
address low 192.168.30.2 high 192.168.30.249 255.255.255.0
dns-server 8.8.8.8
exit
bonjour interface range vlan 1
hostname TESTSWITCH
snmp-server location KEL
snmp-server contact NIC
!
interface vlan 1
no ip address dhcp
!
interface vlan 20
name PRI
ip address 192.168.20.250 255.255.255.0
!
interface vlan 30
name SEC
ip address 192.168.30.1 255.255.255.0
!
interface vlan 40
name TRUNK
ip address 192.168.32.250 255.255.255.0
!
interface gigabitethernet1
switchport mode access
switchport access vlan 20
!
interface gigabitethernet2
switchport mode access
switchport access vlan 20
!
interface gigabitethernet3
switchport mode access
switchport access vlan 20
!
interface gigabitethernet4
switchport mode access
switchport access vlan 20
!
interface gigabitethernet5
switchport mode access
switchport access vlan 30
!
interface gigabitethernet6
switchport mode access
switchport access vlan 30
!
interface gigabitethernet7
switchport mode access
switchport access vlan 30
!
interface gigabitethernet8
switchport mode access
switchport access vlan 30
!
interface gigabitethernet9
ip address 192.168.2.250 255.255.255.0
!
interface gigabitethernet10
switchport trunk native vlan 40
!
exit
banner login ^C
TEST
^C
banner exec ^C
BE CAREFUL
^C
ip default-gateway 192.168.32.1

Tom Watts · ‎03-08-2014

Hi Nicholas, this should help you

https://supportforums.cisco.com/discussion/12116176/rv042-082-016-sx300500-switch-open-discussion

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

nicholasp1 · ‎03-11-2014

Hi Tom, Thanks for the reply, I looked through the link provided and checked it against the config I used, The RV--- Router looks like a good option for further down the track, but with the ddwrt at the moment I dont have the ability to allow multiple subnets, I have static routes on there already. Still no success.