This post is more than 5 years old
1 Rookie
•
10 Posts
0
10314
November 6th, 2016 08:00
VLANs can't see internet
Hello All, I am new to VLANs and trying to learn on my own. I have got a Powerconnect 6224. I setup two vlans and connected two machines to each VLAN. the machines in each VLAN can see each other and they can see the other VLAN members. But, none of them can see the internet... internet port is #2 what am I missing?
VLAN 10 interface = 10.10.0.1/24 members of vlan 10 = ports 17-21
VLAN 20 interface = 10.20.0.1/24 members of vlan 20 = ports 13-16
routes to each network
10.10.0.0 -> 10.10.0.2
10.20.0.0 -> 10.20.0.2
Here is the running config on the switch. can you see what I missed?
*******************
console>enable
console#show running-config
!Current Configuration:
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 10,20,99
exit
stack
member 1 1
exit
ip address 192.168.1.3 255.255.255.0
ip default-gateway 192.168.1.1
ip routing
ip route 10.10.0.0 255.255.255.0 192.168.1.3
ip route 10.20.0.0 255.255.255.0 192.168.1.3
interface vlan 10
routing
ip address 10.10.0.1 255.255.255.0
ip netdirbcast
exit
interface vlan 20
routing
ip address 10.20.0.1 255.255.255.0
ip netdirbcast
exit
interface vlan 99
name "WAN"
dot1x auth-not-req
routing
ip netdirbcast
ip local-proxy-arp
exit
username "admin" password 4f87869237d36d241ed31f8fe95ad8d6 level 15 encrypted
!
interface ethernet 1/g1
switchport mode general
no switchport general acceptable-frame-type tagged-only
exit
!
interface ethernet 1/g2
switchport mode general
no switchport general acceptable-frame-type tagged-only
exit
!
interface ethernet 1/g12
switchport access vlan 20
exit
!
interface ethernet 1/g13
switchport access vlan 20
exit
!
interface ethernet 1/g14
switchport access vlan 20
exit
!
interface ethernet 1/g15
switchport access vlan 20
exit
!
interface ethernet 1/g16
switchport access vlan 10
exit
!
interface ethernet 1/g17
switchport access vlan 10
exit
!
interface ethernet 1/g18
switchport access vlan 10
exit
!
interface ethernet 1/g19
switchport access vlan 10
exit
!
interface ethernet 1/g20
switchport access vlan 10
exit
exit
console#
0 events found
Skadaddle
1 Rookie
•
10 Posts
0
July 29th, 2017 22:00
Hello Daniel, So sorry for the long delay.. I had to put this project on hold. My wife was diagnosed with Cancer and we have been busy fighting this . She is done with all the treatments now and starting to get back to normal. I wanted to let you know I really appreciate all your help. I was able to get everything working correctly. Thanks so much for all your guidance.
Michael
Skadaddle
1 Rookie
•
10 Posts
0
November 7th, 2016 19:00
Daniel, Thanks for helping out... OK. I had the internet connection plugged into a Dell 3424 and then a cable going to the 6224 on port 2.
I took the 3424 out of the mix and plugged the internet connection directly in to port 2 on the 6224. But, I still can't get to the internet from a machine plugged in to vlan 10 or vlan 20...
-Michael
Skadaddle
1 Rookie
•
10 Posts
0
November 11th, 2016 12:00
Thank you Daniel. its been a busy week. I will try these steps tomorrow and let you know how it goes.
I appreciate all you help... stay tuned...
Skadaddle
1 Rookie
•
10 Posts
0
November 12th, 2016 11:00
Daniel, Thank you for your patience while I try to wrap my brain around this... I started entering in your suggested commands and the CLI. once I got to this line and entered the command. I lost all connection to the switch.
console(config)# no ip address
I have rebooted the switch and reset to factory defaults. if it's not too much to ask. can you give me the entire sequence of commands to setup the switch from the beginning?
my goal is to have two VLANs on the switch. each VLAN will have three computers in it. the computers in each vlan need to be able to see each other as well as get out to the internet...
I have a comcast cable modem the is connected to a NetGear wireless router (192.168.1.1). The Netgear serves out DHCP to all the home computers.
The powerconnect 6224 (192.168.1.3) is plugged into the netgear. I don't want the computers in the two VLANs to obtain IP addresses from the Netgear. I want to setup a DHCP server with in each of the vlans to serve ip addresses to each of the machines in their vlans. Does this all make sense?
Skadaddle
1 Rookie
•
10 Posts
0
November 16th, 2016 16:00
Daniel. sorry for the late reply... busy week...
I started entering in your commands and got stuck.. it would not let me give the vlan 99 the IP address.
************Here is how far I got*****************
User:admin
Password:********
console#configure
console(config)#vlan database
console(config-vlan)#vlan 10,20,99
Warning: The use of large numbers of VLANs or interfaces may cause significant
delays in applying the configuration.
console(config-vlan)#exit
console(config)#ip routing
console(config)#ip route 10.10.0.0 255.255.255.0 192.168.1.1
console(config)#ip route 10.20.0.0 255.255.255.0 192.168.1.1
console(config)#interface vlan 10
console(config-if-vlan10)#ip address 10.10.0.1 255.255.255.0
console(config-if-vlan10)#exit
console(config)#interface vlan 20
console(config-if-vlan20)#ip address 10.20.0.1 255.255.255.0
console(config-if-vlan20)#exit
console(config)#interface vlan 99
console(config-if-vlan99)#name "WAN"
console(config-if-vlan99)#ip address 192.168.1.3 255.255.255.0
Subnet conflict between specified IP Address and current configuration.
All routing interfaces, service ports and network ports must be configured on
different subnets.
console(config-if-vlan99)#
Skadaddle
1 Rookie
•
10 Posts
0
November 24th, 2016 13:00
Daniel, This environment I am trying to create doesn't neccesarily need to have VLAN 1 in the mix. if I can accomplish my goal of having two vlans on the 6224 switch and have the computers in those vlans have access to the internet as well as see each other. that is all I need right now. so, if I create three(3) vlans. 10,20 & 99. and don't even use vlan 1. that would be fine. I'll remind you that I do not know/understand these powerconnect switches as much as I should. so the more specific and detailed you can be the better.
Here is my running config. what do i need to add/change to accomplish my goal?
vlan database
vlan 10,20,99-100
exit
stack
member 1 1
exit
ip address 192.168.2.1 255.255.255.0 ( I don't recall setting up this IP address.. not sure what it is for?)
ip address vlan 100
ip routing
ip route 10.10.0.0 255.255.255.0 192.168.1.1
ip route 10.20.0.0 255.255.255.0 192.168.1.1
interface vlan 1
routing
ip address 192.168.1.3 255.255.255.0
exit
interface vlan 10
routing
ip address 10.10.0.1 255.255.255.0
exit
interface vlan 20
routing
ip address 10.20.0.1 255.255.255.0
exit
interface vlan 99
name "WAN"
routing
exit
username "admin" password 4f87869237d36d241ed31f8fe95ad8d6 level 15 encrypted
exit
Skadaddle
1 Rookie
•
10 Posts
0
November 28th, 2016 18:00
Hello Daniel, I feel like a real noob... Thanks for your patience. I reset the switch back to factory defaults. and ran through the setup wizard. I tried to do the command
console(config)#interface vlan 1
console(config-if-vlan1)#no ip address
but, it said command no complete. so I created a vlan 100 and set it with no ip address.
Then left vlan 1 with the IP of 192.168.1.3 255.255.255.0 .
so, computers in each vlan can ping each other as well as the ip address for their vlan. for example. the ip address for vlan 10 is 10.10.0.1
But, they can't ping anything on the internet for example ping 8.8.8.8 gives destination unreachable
I must have missed something...
here is the running config.
User:admin
Password:********
console#show run
!Current Configuration:
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 10,20,100
exit
stack
member 1 1
exit
ip address 192.168.2.1 255.255.255.0
ip address vlan 100
ip routing
ip route 10.10.0.0 255.255.255.0 192.168.1.1
ip route 10.20.0.0 255.255.255.0 192.168.1.1
interface vlan 1
routing
ip address 192.168.1.3 255.255.255.0
exit
interface vlan 10
routing
ip address 10.10.0.1 255.255.255.0
exit
interface vlan 20
routing
ip address 10.20.0.1 255.255.255.0
exit
username "admin" password 4f87869237d36d241ed31f8fe95ad8d6 level 15 encrypted
!
interface ethernet 1/g12
switchport access vlan 20
exit
!
interface ethernet 1/g13
switchport access vlan 20
exit
!
interface ethernet 1/g14
switchport access vlan 20
exit
!
interface ethernet 1/g15
switchport access vlan 20
exit
!
interface ethernet 1/g16
switchport access vlan 10
exit
!
interface ethernet 1/g17
switchport access vlan 10
exit
!
interface ethernet 1/g18
switchport access vlan 10
exit
!
interface ethernet 1/g19
switchport access vlan 10
exit
!
interface ethernet 1/g20
switchport access vlan 10
exit
exit
console#config
console(config)#interface ethernet 1/g2
console(config-if-1/g2)#switchport access vlan 1
Warning: The use of large numbers of VLANs or interfaces may cause significant
delays in applying the configuration.
console(config-if-1/g2)#exit
console#copy running-config startup-config
This operation may take a few minutes.
Management interfaces will not be available during this time.
Are you sure you want to save? (y/n) y
Configuration Saved!
console#
console#show run
!Current Configuration:
!System Description "Dell 24 Port Gigabit Ethernet, 2.0.0.12, VxWorks5.5.1"
!System Software Version 2.0.0.12
!
configure
vlan database
vlan 10,20,100
exit
stack
member 1 1
exit
ip address 192.168.2.1 255.255.255.0 (Still don't know why this is here and how to remove it)
ip address vlan 100
ip routing
ip route 10.10.0.0 255.255.255.0 192.168.1.1
ip route 10.20.0.0 255.255.255.0 192.168.1.1
interface vlan 1
routing
ip address 192.168.1.3 255.255.255.0
exit
interface vlan 10
routing
ip address 10.10.0.1 255.255.255.0
exit
interface vlan 20
routing
ip address 10.20.0.1 255.255.255.0
exit
username "admin" password 4f87869237d36d241ed31f8fe95ad8d6 level 15 encrypted
!
interface ethernet 1/g12
switchport access vlan 20
exit
!
interface ethernet 1/g13
switchport access vlan 20
exit
!
interface ethernet 1/g14
switchport access vlan 20
exit
!
interface ethernet 1/g15
switchport access vlan 20
exit
!
interface ethernet 1/g16
switchport access vlan 10
exit
!
interface ethernet 1/g17
switchport access vlan 10
exit
!
interface ethernet 1/g18
switchport access vlan 10
exit
!
interface ethernet 1/g19
switchport access vlan 10
exit
!
interface ethernet 1/g20
switchport access vlan 10
exit
exit
console#ping 8.8.8.8
Pinging 8.8.8.8 with 64 bytes of data:
----8.8.8.8 PING Statistics----
4 packets transmitted,0 packets received,100% packet loss
round-trip (ms) min/avg/max = 0.000/NaN/0.000
console#
Skadaddle
1 Rookie
•
10 Posts
0
November 29th, 2016 08:00
Daniel, I think I might have found the issue. I rely on your expertise to confirm this...
I did a Show Ip interfaces command and it showed this.
Notice there is no default gateways on the switch or the vlans. this makes me think that the switch and the computers connected to it don't know how to get out... also, the switch IP address is 192.168.2.1. I didn't set that.
User:admin
Password:********
console#show ip interface
Management Interface:
IP Address..................................... 192.168.2.1
Subnet Mask.................................... 255.255.255.0
Default Gateway................................ 0.0.0.0
Burned In MAC Address.......................... 001E.C98D.****
Network Configuration Protocol Current......... None
Management VLAN ID............................. 100
Routing Interfaces:
Netdir Multi
Interface IP Address IP Mask Bcast CastFwd
---------- --------------- --------------- -------- --------
vlan 1 192.168.1.3 255.255.255.0 Disable Disable
vlan 10 10.10.0.1 255.255.255.0 Disable Disable
vlan 20 10.20.0.1 255.255.255.0 Disable Disable
console#
Skadaddle
1 Rookie
•
10 Posts
0
November 29th, 2016 09:00
Daniel, Getting closer... I added a Default gateway to the switch and I can now ping the internet as well as all the vlans and the computers on the vlans. But, from the computers on the vlan I still can't ping the internet... do I need to add default gateways to the vlans?
User:admin
Password:********
console#show ip route
Route Codes: R - RIP Derived, O - OSPF Derived, C - Connected, S - Static
B - BGP Derived, IA - OSPF Inter Area
E1 - OSPF External Type 1, E2 - OSPF External Type 2
N1 - OSPF NSSA External Type 1, N2 - OSPF NSSA External Type 2
C 10.10.0.0/24 [0/0] directly connected, vlan 10
C 10.20.0.0/24 [0/0] directly connected, vlan 20
C 192.168.1.0/24 [0/0] directly connected, vlan 1
console(config)#ip route default 192.168.1.1
console(config)#exit
console#copy running-config startup-config
This operation may take a few minutes.
Management interfaces will not be available during this time.
Are you sure you want to save? (y/n) y
Configuration Saved!
console#show ip interface
Management Interface:
IP Address..................................... 192.168.2.1
Subnet Mask.................................... 255.255.255.0
Default Gateway................................ 192.168.1.1 (Just added this...)
Burned In MAC Address.......................... 001E.C98D.****
Network Configuration Protocol Current......... None
Management VLAN ID............................. 100
Routing Interfaces:
Netdir Multi
Interface IP Address IP Mask Bcast CastFwd
---------- --------------- --------------- -------- --------
vlan 1 192.168.1.3 255.255.255.0 Disable Disable
vlan 10 10.10.0.1 255.255.255.0 Disable Disable
vlan 20 10.20.0.1 255.255.255.0 Disable Disable
console#ping 192.168.1.1
Pinging 192.168.1.1 with 64 bytes of data:
64 bytes from 192.168.1.1: icmp_seq = 0. time=0.000 ms
64 bytes from 192.168.1.1: icmp_seq = 1. time=0.000 ms
64 bytes from 192.168.1.1: icmp_seq = 2. time=0.000 ms
64 bytes from 192.168.1.1: icmp_seq = 3. time=0.000 ms
----192.168.1.1 PING Statistics----
4 packets transmitted,4 packets received,0% packet loss
round-trip (ms) min/avg/max = 0.000/0.000/0.000
console#ping 8.8.8.8
Pinging 8.8.8.8 with 64 bytes of data:
64 bytes from 8.8.8.8: icmp_seq = 0. time=10.000 ms
64 bytes from 8.8.8.8: icmp_seq = 1. time=10.000 ms
64 bytes from 8.8.8.8: icmp_seq = 2. time=0.000 ms
64 bytes from 8.8.8.8: icmp_seq = 3. time=0.000 ms
----8.8.8.8 PING Statistics----
4 packets transmitted,4 packets received,0% packet loss
round-trip (ms) min/avg/max = 0.000/5.000/10.000
console#ping 192.168.1.3
Pinging 192.168.1.3 with 64 bytes of data:
64 bytes from 192.168.1.3: icmp_seq = 0. time=0.000 ms
64 bytes from 192.168.1.3: icmp_seq = 1. time=0.000 ms
64 bytes from 192.168.1.3: icmp_seq = 2. time=0.000 ms
64 bytes from 192.168.1.3: icmp_seq = 3. time=0.000 ms
----192.168.1.3 PING Statistics----
4 packets transmitted,4 packets received,0% packet loss
round-trip (ms) min/avg/max = 0.000/0.000/0.000
console#ping 10.10.0.1
Pinging 10.10.0.1 with 64 bytes of data:
64 bytes from 10.10.0.1: icmp_seq = 0. time=0.000 ms
64 bytes from 10.10.0.1: icmp_seq = 1. time=0.000 ms
64 bytes from 10.10.0.1: icmp_seq = 2. time=0.000 ms
64 bytes from 10.10.0.1: icmp_seq = 3. time=0.000 ms
----10.10.0.1 PING Statistics----
4 packets transmitted,4 packets received,0% packet loss
round-trip (ms) min/avg/max = 0.000/0.000/0.000
console#ping 10.20.0.3
Pinging 10.20.0.3 with 64 bytes of data:
64 bytes from 10.20.0.3: icmp_seq = 0. time=0.000 ms
64 bytes from 10.20.0.3: icmp_seq = 1. time=0.000 ms
64 bytes from 10.20.0.3: icmp_seq = 2. time=0.000 ms
64 bytes from 10.20.0.3: icmp_seq = 3. time=0.000 ms
----10.20.0.3 PING Statistics----
4 packets transmitted,4 packets received,0% packet loss
round-trip (ms) min/avg/max = 0.000/0.000/0.000