11-09-2014 11:14 PM
Please take a look at my rough drawing of how I would like my network to work:
SG300-10
__________________________________________
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|_|___|__________________________________|
| |_________________________________
|_________________ |
__________________ _______|_________ _______|_________
|-----VLAN 1-----| |----VLAN 10----| |----VLAN 20----|
| Management | | 192.168.10.1 | | 192.168.20.1 |
| 192.168.1.250 | | | | |
|________________| |Internet Router| | Devices: |
| 192.168.10.2 | | Physical Box |
|_______________| | 192.168.20.2 |
| Server 2008R2 |
|DNS,DHCP,AD DC |
| |
|Physical Boxes |
| 192.168.20.x |
|W7 Workstations|
|_______________|
I have set static IP addresses on the Server 2008R2 host and Internet Router. I set up my VLANs, and I set each VLAN IP (as shown above), I set a 0.0.0.0 route to the Internet Router as well as x.x.x.0 routes for each VLAN IP range, and I set the gateway on all hosts on VLAN 20 to be 192.168.20.1.
I am unable to get Internet access, ping the router or access the switch management web page from any host on VLAN 20 unless I manually set the IP on the host on VLAN 20 to the same IP range as the device I'm trying to access. As such:
If I manually set the host IP to 192.168.1.50, I can access the switch management, but then cannot RDP into or ping any of the hosts on VLAN 20 or ping the Internet Router on VLAN 10.
If I manually set the host IP to 192.168.10.50, I can ping the Internet Router but cannot RDP into or ping any device on VLAN 20, nor can I access the Switch Management page.
If I allow DHCP to set the IP to 192.168.20.5, I can RDP into and ping all devices on VLAN 20, but I cannot ping any devices on VLAN 10 or access the Switch Management on VLAN 1.
I know I'm missing something simple, and I've been working on this for about 30 hours now but cannot seem to get this to work. Could anyone possibly help? Thanks in advance.
Solved! Go to Solution.
11-10-2014 08:36 AM
Just to be sure, is the SG300 in L3 switching mode or L2 switching mode?
11-10-2014 08:55 PM
I'm just glad to hear it's all working for you. Thanks for the endorsement!
11-10-2014 08:36 AM
Just to be sure, is the SG300 in L3 switching mode or L2 switching mode?
11-10-2014 09:07 AM
It is in L3 switching mode.
11-10-2014 09:10 AM
Can you post a copy of the configuration? Your setup sounds good, but I suspect there's something odd in the actual switch. Are you able to ping the switch's VLAN IPv4 address from each VLAN?
11-10-2014 09:14 AM
No. I can only access devices that are on the same VLAN.
11-10-2014 09:25 AM
Okay, let's have a look at the configuration and see if that shows anything strange.
11-10-2014 09:42 AM
I have attached the file. I have several other VLANs created for future use, but they aren't in use and no ports are assigned to them. Right now, I have only enabled the first two ports and assigned them to the VLANs mentioned in my original post as shown in the config file. Thank you so much for checking it out.
11-10-2014 01:45 PM
Okay, I think we've got it. Your interfaces are configured as trunks and are either (in the case of G1) tagging all packets or (in the case of G2) untagging only VLAN 1. PCs, unless specifically configured to do otherwise, send and received untagged, so they're either talking on the wrong VLAN or not at all.
interface gigabitethernet1 switchport trunk allowed vlan add 20 switchport trunk native vlan 10 switchport default-vlan tagged ! interface gigabitethernet2 switchport trunk allowed vlan add 10,20
Let's try this:
interface gigabitethernet1 switchport trunk allowed vlan remove all no switchport trunk native vlan no switchport default-vlan tagged switchport mode access switchport access vlan 10 ! interface gigabitethernet2 switchport trunk allowed vlan remove all switchport mode access switchport access vlan 20
This will unconditionally put your interfaces G1 and G2 into VLAN 10 and VLAN 20 respectively.
11-10-2014 05:28 PM
How will hosts connected to GE2 (on VLAN 20) access the management interface on VLAN 1 (192.168.1.250)?
11-10-2014 06:10 PM
Ignore that last post, I figured that out and can now ping/RDP/access the management interface and the VLAN 20 hosts all from any host on VLAN 20. However, I cannot ping the Internet Gateway/Router on VLAN 10 (192.168.10.2).
11-10-2014 06:45 PM
Okay, does the router have a static route back to 192.168.20.0/24 via 192.168.10.1? Also, can you ping 192.168.10.1 from the 192.168.20.0/24 VLAN? Also, can the router ping 192.168.10.1?
11-10-2014 07:24 PM
Sorry for the delayed response, but I was not aware that additional routing information needed to be set on the router so once I found that setting (Linksys E2000 / Setup / Advanced Routing), I read the help page and, with the information you provided, am now able to access the Internet on my network! I used the following settings, and understand I'll need to do the same for any additional VLANs:
Destination LAN IP: 192.168.20.0
Subnet Mask: 255.255.255.0
Gateway: 192.168.10.1
However, I'm having one small problem; if I manually set a wireless host connected to the Linksys Internet Router to an IP within the router's VLAN (192.168.10.x, VLAN10) or a VLAN20 IP and manually set DNS to my Server 2008R2 host (VLAN20), everything works fine on the wireless host. However, if I set the IP to obtain automatically, it cannot find the DNS/DHCP server on VLAN20 and gets an IP of 169.254.36.125 and has no DNS or Gateway information available. I'm thinking this must be either an issue or setting on the router, and I've been poking around but can't find anything on it. I don't think it has anything to do with the Cisco switch. Any thoughts?
11-10-2014 07:32 PM
Actually, let me correct myself; I can only get access on a wireless host connected to the Internet router if I set a manual IP on VLAN10 (the same VLAN the router is on). If I do that, then everything works; DNS is done by the Win2K8R2 server on VLAN20, and I can ping everything and have Internet access.
However, if I set it to automatically obtain an IP and DNS/DHCP/Gateway information, it fails and gets a 169.254 address. If I manually set a VLAN20 IP (same as the DNS server) and DNS information, I cannot even access the router's config pages nor can I access the Internet or ping anywhere on the network.
11-10-2014 08:53 PM
Assuming your wireless is attached to your router, it's only going to work with VLAN 10 because that's the VLAN your router is on. If VLAN 20 is housing your DHCP server and DHCP isn't enabled on your router, that explains why you're getting 169.254.x's/16 (auto-configured address when there is no DHCP response) on your wireless. You can either enable DHCP on your router to handle VLAN 10 or relay it through the switch to your server.
If you decide to forward to the Windows server, you'll need to set up DHCP relay on the SG300. Once this is done, you'll need to add a DHCP scope for the VLAN 10 network on your server in order to handle the requests. That should clear up your DHCP assignments.
11-10-2014 08:53 PM
I actually figured it out on my own, and then refreshed this page to find your answer was exactly what I did. Everything is working great now. You are awesome.
I am going to click the Correct Answer link for each of your answers, hopefully that will help you out somehow. If there's something else I can do to bolster your reputation on this forum, please let me know and I will do it post haste!
Thanks again!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: