VLAN Routing

March 19, 2009 at 05:51:05
I've been searching around here for some time regarding VLAN routing but I still haven't managed to solve the problem I have.

I'll start by explaining our test setup here:
We have 1 Netgear Layer 2 FS728TS switch and 1 Netgear Layer 3 GSM7324 switch (does routing too).

Both switches have the default VLAN 1 (Management VLAN) and 2 more VLANs 2 & 3. Each VLAN has its own IP range and subnet mask.

I have 1 laptop connected in a port on the Layer 2 switch which is assigned to VLAN 2, an additional laptop connected to a port on the Layer 3 switch which is assigned to VLAN 2 and another laptop which is connected to a port on the Layer 2 switch on VLAN 3. I also have a desktop PC connected to the Layer 3 switch which is in VLAN 1 (The Management VLAN).

The laptops in VLAN 2 & 3 can ping each other with no problems and can ping the gateway IP addresses of the relevant VLANs on the Layer 3 switch without any problems. But the desktop PC which is on VLAN 1 cannot ping anything on VLAN 2 & 3, and the laptops on the other VLANs can't ping the desktop PC on VLAN 1.

Is there something I have forgotten or did something wrong?

Any help would be much appreciated.

March 19, 2009 at 08:07:53
VLAN 1 is your management VLAN and will only be able to ping anything in VLAN 1.

Both your switches should have IPs in VLAN 1. VLAN 1 should also be the base VLAN on all uplinks between switches.


VLAN 1 =
VLAN 2 =
VLAN 3 =

Switch 1 (L3 switch)
IP =
SM =
Gateway =

Switch 2 (L2 switch)
IP =
SM =
Gateway =

Router (assuming it connects you to the internet)
IP =
SM =

All three are network devices, ergo the VLAN 1 IPs on them.

Uplinks between switches and router should all be:

Base VLAN = 1
Allowed VLANs = 1, 2, 3
Tagging = Tag All
Access type = Trunk

This allows the uplinks to carry all VLANs between devices and they will be broken out accordingly by each device when they reach it.

Where I work, this is how we've done things. As a standard, we leave port 1 on all switches as VLAN 1 (Access type = access) so if need be, we can plug a laptop into port 1 and give the laptop a VLAN 1 IP address and then communicate with the switch. This is very handy for troubleshooting, especially in a situation where you lose connectivity to the switch.

Once you have your switches and uplinks properly configured, leave port 1 as VLAN 1 and plug a laptop into it. Give your laptop an IP in that subnet and then try pinging both switches.
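
The uplink settings listed in the reply above (Base VLAN = 1, Allowed VLANs = 1, 2, 3, Tag All, Trunk), as an added example that is not part of the original thread: a small Python model of 802.1Q tagging on one link that reports every VLAN that is dropped, or that lands in a different VLAN, when the two ends of the uplink disagree. The `TrunkPort` class, its field names and the simplified ingress rule (untagged frames join the base VLAN) are assumptions for illustration, not Netgear settings.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TrunkPort:                 # hypothetical model of one end of an uplink
    base_vlan: int               # "Base VLAN" (PVID / native VLAN)
    allowed: frozenset           # "Allowed VLANs"
    tag_all: bool                # "Tag All": the base VLAN is tagged too

def egress(port, vlan):
    """What goes on the wire: a tag number, "untagged", or None (not sent)."""
    if vlan not in port.allowed:
        return None
    if vlan == port.base_vlan and not port.tag_all:
        return "untagged"
    return vlan

def ingress(port, wire):
    """VLAN the receiving port places the frame in, or None if dropped.
    Assumption: untagged frames are classified into the base VLAN."""
    if wire is None:
        return None
    vlan = port.base_vlan if wire == "untagged" else wire
    return vlan if vlan in port.allowed else None

def audit(a, b, vlans=(1, 2, 3)):
    """List (direction, vlan, landed_in) for every VLAN that does not
    arrive in the same VLAN on the far side of the link."""
    problems = []
    for src, dst, label in ((a, b, "A->B"), (b, a, "B->A")):
        for v in vlans:
            landed = ingress(dst, egress(src, v))
            if landed != v:
                problems.append((label, v, landed))
    return problems

ALL = frozenset({1, 2, 3})
# Constructed sample configurations
TRUNK = TrunkPort(base_vlan=1, allowed=ALL, tag_all=True)       # as in the reply
ACCESS = TrunkPort(base_vlan=1, allowed=frozenset({1}), tag_all=False)
NATIVE_1 = TrunkPort(base_vlan=1, allowed=ALL, tag_all=False)
NATIVE_2 = TrunkPort(base_vlan=2, allowed=ALL, tag_all=False)

if __name__ == "__main__":
    print("both ends trunk  :", audit(TRUNK, TRUNK))
    print("far end access   :", audit(TRUNK, ACCESS))       # VLAN 2 and 3 dropped
    print("base VLAN differs:", audit(NATIVE_1, NATIVE_2))  # traffic crosses VLANs
```

The third case shows why the base VLAN has to match on both ends: with untagged base VLANs that differ, frames are not dropped but are delivered into the wrong VLAN.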

