VLAN Routing

March 19, 2009 at 05:51:05
Specs: Windows Vista
Hi,

I've been searching around here for some time regarding VLAN routing but I still havent managed to solve the problem I have.

I'l start by explaining our test setup here:
We have 1 Netgear Layer 2 FS728TS switch and 1 Netgear Layer 3 GSM7324 switch (does routing too).

Both switches have the default VLAN 1 (Management VLAN) and 2 more VLANs 2 & 3. Each VLAN has its own IP range and subnet mask.

I have 1 laptop connected in a port on the Layer 2 switch which is assigned to VLAN 2, an additional laptop connected to a port on the Layer 3 switch which is assigned to VLAN 2 and another laptop which is connected to a port on the Layer 2 switch on VLAN 3. I also have a desktop PC connected to the Layer 3 switch which is in VLAN 1 (The Management VLAN).

The laptops in VLAN 2 & 3 can ping each other with no problems and can ping the gateway IP addresses of the relevant VLANs on the Layer 3 switch without any problems. But, the desktop PC which is on VLAN 1 can not ping anything on VLAN 2 & 3 and the the laptops on the other VLANs can't ping the desktop PC on VLAN 1.

Is there something I have forgotten or did something wrong?

Any help would be much appreciated.


See More: VLAN Routing

Report •


#1
March 19, 2009 at 08:07:53
VLAN 1 is your management VLAN and will only be able to ping anything in VLAN 1

Both your switches should have IP's in VLAN 1. VLAN 1 should also be the base VLAN on all uplinks between switches.

Example:

VLAN 1 = 192.168.1.0/24
VLAN 2 = 192.168.2.0/24
VLAN 3 = 192.168.3.0/24

Switch 1 (L3 switch)
IP = 192.168.1.249
SM = 255.255.255.0
Gateway = 192.168.1.250

Switch 2 (L2 switch)
IP = 192.168.1.248
SM = 255.255.255.0
Gateway = 192.168.1.250

Router (assuming it connects you to the internet)
IP = 192.168.1.250
SM = 255.255.255.0

All three are network devices, ergo the VLAN 1 IP's on them.

Uplinks between switches and router should all be:

Base VLAN = 1
Allowed VLAN's = 1, 2, 3
Tagging = Tag All
Access type = Trunk

This allows the uplinks to carry all VLAN's between devices and they will be broken out accordingly by each device when they reach it.

Where I work, this is how we've done things. As a standard, we leave port 1 on all switches as VLAN 1 (Access type = access) so if need be, we can plug a laptop into port 1 and give the laptop a VLAN 1 IP address and then communicate with the switch. This is very handy for troubleshooting, especially in a situation where you lose connectivity to the switch.

Once you have your switches and uplinks properly configured, leave port 1 as VLAN 1 and plug a laptop into it. Give your laptop an IP in that subnet and then try pinging boths switches.


Report •
Related Solutions


Ask Question