NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
M4300 SFP Port Trunking Issues
Hi all, I recently purchased 2 new M4300 and form a stack. After stacking the SW, I started to setup the switch as normal, the management VLAN, IP, the rest of vlan, subnet of those VLAN. Since i...
Hi Kelvin,
It's a good news that the failover problem resolved.:smileyhappy:
Let's carry on the VRRP scenario.
I have checked the maintenance file just you sent to us.
1) Congratulation!The address (192.168.100.2 ) is the virtual IP address of VRRP on Firewall.
Because this IP have same prefix mac-address header just like (00:00:5E:00:xx:xx).
It's the standard of VRRP for mac-address behavior.
2) Good finding! The "Link state detection” is very useful for VRRP status.
So we need to set the IP for heartbeat on each Firewall that could monitor VRRP all the time.
But 192.168.100.1 is not the heartbeat address for Firewall that is VLAN interface on M4300-Stack.
So Could you set an IP address on Firewall A and B that is not VRRP protocol.
Such as:
192.168.100.10 /24 on Firewall A.
192.168.100.20 /24 on Firewall B.
Then,
Set Link state detection IP address to 192.168.100.20 on Firewall A.
Set Link state detection IP address to 192.168.100.10 on Firewall B.
That will make Firewall detect each other with this configuration.
3) Could you share me the configuration page or command on your Firewall about LAG/Port/IP address/VRRP configuration?
The private message is RECOMMENDED.
I'm not very professional on Firewall of other company.
Just want to help analyze.:smileyhappy:
Look forward to your reply.
Regards,
Daniel.
Hi Kelvin,
Thanks for your update.
The VLAN configuration will only effect on LAG port after you add 1/0/9,2/0/9 into LAG 6.
So we should mark the LAG 6 into VLAN 7 with Tag or Untag (according with your Firewall support to accept Tag packets or not)
I think most of Firewall just support untag mode of layer 3 interface just like yours.
So Could you please add LAG 6 into VLAN 7 with untag mode?
You can chose one of the three ways to deploy this configuration:
1) Set LAG 6 to general mode,
Set PVID 7 on LAG 6
Add LAG 6 into VLAN 7 with untag mode (U)
2) Set LAG 6 to Access mode,
Access VLAN 7.
3) Set LAG 6 to Trunk mode.
Allowed VLAN 7
Native VLAN 7
Let us know if you get new update:smileyhappy:
Regards.
Daniel.
Hi Daniel,
thx for your help, I took option 1 as my choice. but then i found that i can only ping 192.168.100.2 with the same vlan in layer 2 switch /w ip 192.168.100.3, if i plug to vlan 2 /w ip 192.168.1.3, then i cannot ping 192.168.100.2, it seems the routing problem?
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
