Help with VLAN and VLAN routing

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

uberguru

Member
Jun 7, 2013
319
18
18
I am having trouble pinging between VLANs on the SG300-10 switch


IP address of my switch is 192.168.10.35/24

I have VLAN1 192.168.10.1/24
VLAN2 172.16.0.254/24



Main router IP address 192.168.1.1/24 (i am using DD-WRT router)
I can ping 192.168.1.0/24 from 192.168.10.0/24 and also can ping internet from both 192.168.1.0/24 and 192.168.10.0/24

Now i want to be able to ping internet from 172.16.0.0/24 on VLAN2 of the switch
Also i want to be able to ping both 192.168.1.0/24 and 192.168.10.0/24

Please advice what to do next
I have attached all images


Thanks
 

uberguru

Member
Jun 7, 2013
319
18
18
Does anyone want to help?


Ok guys i have a buffalo DDWRT router on 192.168.1.1/24 ip address and i have configured VLAN10 on LAN port 1 for 192.168.10.0/24 subnet

Now the thing here is i plugged in a Cisco SG300-10 switch with ip address 192.168.10.35 on LAN port 1 of the buffalo DDWRT router and want to configure VLAN2 on the cisco switch for 172.16.0.0/24 subnet

I am able to do this but the problem is i cannot ping the internet from 172.16.0.0/24 and also cannot ping the 192.168.1.0/24 and cannot ping 192.168.10.0/24(BUT i can ping 192.168.10.35 which is the ip address of the switch since i am directly connected i am guessing but cannot ping any other address on the 192.168.10.0/24 subnet)

What i want to be able to do

#1 ping 192.168.1.0/24 subnet
#2 ping 192.168.10.0/24 subnet
#3 ping the internet


What do i do?
I have attached images
Thanks


routes on the DDWRT router


routes on the cisco SG300-10 switch
 
Last edited:

uberguru

Member
Jun 7, 2013
319
18
18
I really think i have provided all information here
If you can help, please help
really need this


Here is the page to add static routes on DDWRT router and the router is not taking this route...so what route do i enter? Also is ports 9 and 10 (the ports on VLAN2 on the cisco SG300-10 switch) suppose to be Trunk OR Access? Pictures attached above


 

Mike

Member
May 29, 2012
482
16
18
EU
Access ports should be...Access. Ports to your router should be trunk, but only if you actually want the router to route between vlans and the WAN. If thats the case you need dot1q on the router to do something funny with the tags. Otherwise the switch should do some inter vlan routing, although that somewhat defeats the purpose in a single switch setup. Did you configure the endpoint with Vlan2 with the correct gateway? 172 . 254?

I think you can configure the sg300 over ssh like an ios device. Maybe that helps.
 

uberguru

Member
Jun 7, 2013
319
18
18
Access ports should be...Access. Ports to your router should be trunk, but only if you actually want the router to route between vlans and the WAN. If thats the case you need dot1q on the router to do something funny with the tags. Otherwise the switch should do some inter vlan routing, although that somewhat defeats the purpose in a single switch setup. Did you configure the endpoint with Vlan2 with the correct gateway? 172 . 254?

I think you can configure the sg300 over ssh like an ios device. Maybe that helps.
Thanks for the reply since no one wants to help..not like i am asking some stupid question

Most of the pictures i have explains everything
And the gateway is 172.16.0.254 because when i hooked up a laptop to port 9 or port 10 on the switch and setup static ip like 172.16.0.2 i used gateway of 172.16.0.254 and was able to ping the gateway and everything works fine

I think right now it is routing issues that i am having
and i have no idea what routes and where

Please take a look at all the posted screenshots and you will see everything so far

Again thanks
 

Chuckleb

Moderator
Mar 5, 2013
1,017
331
83
Minnesota
Glad someone knows networking better than I! I would love to help but this is much mor confusing than my simple network.
 

uberguru

Member
Jun 7, 2013
319
18
18
DDWRT router
#####

IP address 192.168.1.1
Subnet 192.168.1.0/24

LAN Port1 is configured for VLAN10 192.168.10.0/24 subnet and gateway 192.168.10.1 (the Cisco SG300 is plugged into this port)
#
#
#
#
#
Cisco SG300-10 Switch
#####
GE1/Port1 of switch is connected to LAN Port1 of DDWRT router
Default VLAN of switch is VLAN1
IP address(management ip address) 192.168.10.35
Subnet 192.168.10.0/24


VLAN2 is configured for GE9/Port9 and GE10/Port10 for 172.16.0.0/24 subnet with 172.16.0.254 gateway




What i want to be able to do from the VLAN2 on the switch 172.16.0.0/24 subnet is to:

#1 ping 192.168.1.0/24 subnet
#2 ping 192.168.10.0/24 subnet
#3 ping the internet

Currently

172.16.0.0/24 cannot ping anywhere...it can only ping the gateway 172.16.0.254 and 192.168.10.35 which is the ip of the switch it is directly connected to...it cannot ping anything else. And no one else can ping it.

Let me know what other information you need
Thanks
 

Mike

Member
May 29, 2012
482
16
18
EU
Patience. After we fixed this, could you help me with my questions about building a time machine?

Dump the switch's VLAN interfaces other than the management interface on vlan 1. Configure the port to the dd-wrt router as a trunk, all the others should be access ports and tagged as either vlan 1, 2 or whatever vlan you want.
On the dd-wrt router you then create vlan interfaces (google: dot1q dd-wrt), sticking to a single gateway scheme (.1 / .254 / ?). The router can then route, like i guess you want to.
 

uberguru

Member
Jun 7, 2013
319
18
18
Patience. After we fixed this, could you help me with my questions about building a time machine?

Dump the switch's VLAN interfaces other than the management interface on vlan 1. Configure the port to the dd-wrt router as a trunk, all the others should be access ports and tagged as either vlan 1, 2 or whatever vlan you want.
On the dd-wrt router you then create vlan interfaces (google: dot1q dd-wrt), sticking to a single gateway scheme (.1 / .254 / ?). The router can then route, like i guess you want to.
I want the switch to do the routing for the VLAN it creates
Right now everything works fine except that the new VLAN created on the switch which is VLAN2 is not doing what i want...the other ports all work fine the way i want them...only ports am concerned about are ports 9 and 10 which belong to VLAN2 and they both are Access ports....i want the VLAN2 to reach internet and ping other VLAN in the whole network...the switch can reach everywhere including the internet so i want to route from the switch
 

Mike

Member
May 29, 2012
482
16
18
EU
Since you do not care about the vlan tags in that case you could change the mode to trunk for the ports 9 and 10. The sg series has confusing vlan configurations imo.
 

uberguru

Member
Jun 7, 2013
319
18
18
Since you do not care about the vlan tags in that case you could change the mode to trunk for the ports 9 and 10. The sg series has confusing vlan configurations imo.
Well i have changed to trunk and still same thing so far
I haven't seen any difference between access or trunk for ports 9 and 10
 
Last edited:

uberguru

Member
Jun 7, 2013
319
18
18
I will be really grateful if anyone can help me
This is just a simple setup...VLAN between router and switch and switch with another VLAN and needs routing from the VLAN on the switch..that is all

Don't know why its so tough to get help
 

Southgate

New Member
Sep 9, 2014
1
0
1
46
Have you setup firewall rules to allow traffic from vlan2 to the internet? Additionally, you will need a rule to allow traffic from vlan1 to vlan2. (Link)

However, if you allow all the vlans to talk to each other and to the internet, you are defeating the point of the vlan and creating a bottleneck at your router that doesn't need to exist.