Port 19-24 is our Internet VLAN, the ISP is connected to port 19. Port 20 has our Cisco ASA 5500 connected protecting our corporate network. 10.121.105.2 is the internal address of the ASA. The outside interface of the Cisco is 74.213.163.101 and the ISP Gateway is 74.213.163.97.
We had a Netgear N900 connected to port 22 in the internet VLAN, it used 74.213.163.109. It worked perfectly and just stopped working one day. I tested it on another network and it worked, but I replaced it anyway. I have a new D-Link AC1200 to test with at the moment. I have configured 74.213.163.109 on the WAN interface. It can't get to the internet.
I have connected the D-Link directly to my ISP's media convertor (which comes into port 19) and it works perfectly. All my clients on the D-Link can browse the internet. We don't have any physical clients connected to the D-Link as the purpose is for it to provide a guest network with unrestricted internet access outside our corporate network.
Outside interface on the firewall (74.213.163.101) is connected to port 20, therefore providing internet to my internal network via 74.213.163.97.
10.121.105.2 is connected to port 15 (VLAN1) - internal network.
Theoretically any device connected to port 19-24 (VLAN8) using a static IP in my public range should have a direct internet connection as it's outside.
The D-Link doesn't provide internet when connected to VLAN 8, but when I connect it directly to my ISP device 74.213.163.97 is works without any issues. When I connect a computer to VLAN 8 using any of my public IP's I can connect to the internet without issues. Something is not allowing another router to connect in VLAN 8 for some reason.
The firewall's public interface is connected to port 20 in VLAN 8, that is confirmed. I think the idea behind VLAN 8 was to allow more devices to connect directly to our ISP, currently we only have the firewall and the Wi-Fi Router.
Clients connecting to the D-Link get dynamic addresses assigned by the D-Link in 192.168.158.0. The Netgear was configured as a router, I don't have the configuration of it anymore as we reset it many times. I don't think we had any static routes configured on it as it shouldn't need any.
I have just noticed another problem, the moment I connect the D-Link to the 6248 port 22 or 24 in VLAN 8 our internet starts to go wonky. You can see in the screenshot below, it started doing this the moment after connecting the D-Link.
FrancoisLubbe
5 Posts
0
March 7th, 2016 07:00
Hi Daniel,
Port 19-24 is our Internet VLAN, the ISP is connected to port 19. Port 20 has our Cisco ASA 5500 connected protecting our corporate network. 10.121.105.2 is the internal address of the ASA. The outside interface of the Cisco is 74.213.163.101 and the ISP Gateway is 74.213.163.97.
We had a Netgear N900 connected to port 22 in the internet VLAN, it used 74.213.163.109. It worked perfectly and just stopped working one day. I tested it on another network and it worked, but I replaced it anyway. I have a new D-Link AC1200 to test with at the moment. I have configured 74.213.163.109 on the WAN interface. It can't get to the internet.
I have connected the D-Link directly to my ISP's media convertor (which comes into port 19) and it works perfectly. All my clients on the D-Link can browse the internet. We don't have any physical clients connected to the D-Link as the purpose is for it to provide a guest network with unrestricted internet access outside our corporate network.
Regards,
Francois
FrancoisLubbe
5 Posts
0
March 7th, 2016 09:00
Outside interface on the firewall (74.213.163.101) is connected to port 20, therefore providing internet to my internal network via 74.213.163.97.
10.121.105.2 is connected to port 15 (VLAN1) - internal network.
Theoretically any device connected to port 19-24 (VLAN8) using a static IP in my public range should have a direct internet connection as it's outside.
The D-Link doesn't provide internet when connected to VLAN 8, but when I connect it directly to my ISP device 74.213.163.97 is works without any issues. When I connect a computer to VLAN 8 using any of my public IP's I can connect to the internet without issues. Something is not allowing another router to connect in VLAN 8 for some reason.
Regards,
Francois
FrancoisLubbe
5 Posts
0
March 7th, 2016 11:00
The firewall's public interface is connected to port 20 in VLAN 8, that is confirmed. I think the idea behind VLAN 8 was to allow more devices to connect directly to our ISP, currently we only have the firewall and the Wi-Fi Router.
Clients connecting to the D-Link get dynamic addresses assigned by the D-Link in 192.168.158.0. The Netgear was configured as a router, I don't have the configuration of it anymore as we reset it many times. I don't think we had any static routes configured on it as it shouldn't need any.
I have just noticed another problem, the moment I connect the D-Link to the 6248 port 22 or 24 in VLAN 8 our internet starts to go wonky. You can see in the screenshot below, it started doing this the moment after connecting the D-Link.
FrancoisLubbe
5 Posts
0
March 7th, 2016 12:00
Storm-control was disabled on port 24 where the D-Link is connected, it didn't make any difference.
Please also see the screenshot of the interface counters for port 24 below. I'm not sure which route to add on the D-Link...