This post is more than 5 years old
3 Posts
0
24389
November 2nd, 2014 07:00
Very Simple Config on a 6248
I have the need to have 3 VLANs
3 VLANs can't talk to each other.
VLANs should be able to get to the internet
My gateway is a standard Linksys type of router with the IP of 192.168.1.1
My Switches IP is 192.168.1.7 (as shown in the below config)
I am not sure what to do next...
TestSwitch#show running-config
!Current Configuration:
!System Description "PowerConnect 6248P, 3.3.3.3, VxWorks 6.5"
!System Software Version 3.3.3.3
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 20,30,40
vlan routing 20 1
vlan routing 30 2
vlan routing 40 3
exit
hostname "TestSwitch"
stack
member 2 5
exit
ip address 192.168.1.7 255.255.255.0
ip default-gateway 192.168.1.1
ip helper-address 192.168.1.1 dhcp
interface vlan 20
name "Private"
routing
ip address 10.11.12.10 255.255.255.0
exit
interface vlan 30
name "Public"
routing
ip address 10.11.13.10 255.255.255.0
exit
interface vlan 40
name "Training Center"
routing
ip address 10.11.11.10 255.255.255.0
exit
!
interface ethernet 2/g3
switchport access vlan 20
exit
!
interface ethernet 2/g4
switchport access vlan 40
exit
!
interface ethernet 2/g5
switchport access vlan 20
exit
!
interface ethernet 2/g6
switchport access vlan 20
exit
!
interface ethernet 2/g7
switchport access vlan 20
exit
!
interface ethernet 2/g8
switchport access vlan 20
exit
!
interface ethernet 2/g9
switchport access vlan 20
exit
exit
0 events found
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.1K Points
0
November 7th, 2014 07:00
Yes, you have basically the same scenario. So the fix should be the same. Moving traffic off of VLAN 1 should allow for the routing to work, VLAN 1 is not routable unless the management VLAN is changed to a different VLAN.
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.1K Points
0
November 3rd, 2014 11:00
Hi,
What happens with that configuration?
If you have routing enabled the VLANs are going to be able to talk to each other. If routing is not enabled on the switch and just on the router, it will still route between the VLANs and pass the traffic back to the switch. You may be able to block traffic between VLANs on the router if it is VLAN aware. If it isn’t you would have to have a separate connection to the router for each subnet and use egress access control lists on the ports for each VLAN that permit only traffic to their subnet and the subnet the internet is on and deny access when they try to access an ip on one of the other VLANs.
Page 300 ftp://ftp.dell.com/Manuals/all-products/esuprt_ser_stor_net/esuprt_networking/esuprt_net_fxd_prt_swtchs/powerconnect-6224_User%27s%20Guide_en-us.pdf
Page 210 ftp://ftp.dell.com/Manuals/all-products/esuprt_ser_stor_net/esuprt_powerconnect/powerconnect-6248_Reference%20Guide_en-us.pdf
dellswitch2014
3 Posts
0
November 3rd, 2014 17:00
My client computers can't get to the internet or ping the IP of the Linksys type of router. The Linksys type of router is not VLAN aware. I guess routing is enable on the Layer 3 switch so it should be able to route to the gateway (linksys) and route to other VLANs.
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.1K Points
0
November 3rd, 2014 17:00
Run ip routing
from general config, I didn’t see it on there. Can you ping the router from the switch? Are the clients pointing to the VLAN IP for their default gateway? You may also need to move the internet off of VLAN 1 and put it on a different VLAN because the management network is not routable.
dellswitch2014
3 Posts
0
November 6th, 2014 12:00
Thati might be the problem. So - does my Linksys home router need to be VLAN aware or should it just see traffic coming to it and pass it.
ill be offline for a couple of days and wont be able to try it. Ill be back.
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.1K Points
0
November 6th, 2014 13:00
It is a lot easier if the router is VLAN aware, but we should be able to get it to work if all of the routing is done on the switch and the router is just used as an internet gateway.
PowerConnect48
41 Posts
0
November 7th, 2014 07:00
Josh - I have the scenario in this thread en.community.dell.com/.../19605324 we both don't have gateways that are VLAN aware. The issue we are both running into is we can't add a default route from the switch as we will get
"The specified Static Route Next Hop Router Address can't be in the same subnet as the service/network port."
since to reach out switch it is on the same subnet as the gateway.