- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Simplest configuration imaginable doesn't work. What am I missing?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, I'm new to managed switches, but have worked with unmanaged switches and standalone routers for many years. I'm trying to do the simplest imaginable thing on a test switch, and it fails. I've created a routed VLAN with four ports, assigned the VLAN a network address of 192.168.60.1/24, and when I attach a laptop (manually configured as 192.168.60.5, gw= ~60.1), I can't ping the gateway! What in the heck am I not getting?
As an aside, what I would like to do eventually is set up several VLANS that cannot see one another's traffic, making them private, while giving all VLANS access to an Internet router on its own VLAN. Looks like I'm going to have a steep learning curve.
Here's my simple configuration, consisting of two VLANs, VLAN15 and VLAN60. VLAN 15 has an address of 192.168.15.20. On that VLAN is an Internet router addressed as 192.168.15.1. I'd like a device plugged into VLAN60 to have Internet access, but not access to any other VLAN.
At the moment, I can't ping the addresses for either VLAN. All ports are marked as untagged. The configuration is shown below.
Thanks for helping a newbie!
----------------------------------------------------------------------------------------
SYSTEM CONFIG FILE ::= BEGIN
! Model: GS728TPv2
! System Description: NETGEAR 24-Port Gigabit PoE+ Smart Managed Pro Switch with 4 SFP Ports (GS728TPv2)
! Firmware Version: 6.0.2.5 [Nov 28 2019 - 16:49:51]
! Loader Version: 1.0.0.5 [2017-12-28 09:35:22 UTC]
! Config Version: 0
! System Name: Rental Switch B
! MAC Address: 3C:37:86:CB:9C:02
! Serial Number: 5WA1997CA070C
! System Up Time: 0 days, 0 hours, 30 mins, 1 secs
!
!
!
system name "Rental Switch B"
system location "Rental Area"
system contact
ip address 192.168.0.239 mask 255.255.255.0
ip name-server
sccd
!
username "admin" secret encrypted MoQ+ApVBxpb6ZLgxW91+2w==
sntp 1 host time-b.netgear.com port 123 ver 4
sntp 2 host time-a.netgear.com port 123 ver 4
sntp 3 host 0.openwrt.pool.ntp.org port 123 ver 4
!
!
vlan 4088
name "Auto-VoIP"
vlan 4089
name "Auto-Video"
vlan 15,60
voice-vlan oui 0 0:1:e3 SIEMENS
voice-vlan oui 1 0:3:6b CISCO1
voice-vlan oui 2 0:12:43 CISCO2
voice-vlan oui 3 0:60:b9 NITSUKO
voice-vlan oui 4 0:d0:1e PINTEL
voice-vlan oui 5 0:e0:75 VERILINK
voice-vlan oui 6 0:e0:bb 3COM
voice-vlan oui 7 0:4:d AVAYA1
voice-vlan oui 8 0:1b:4f AVAYA2
!
!
!
!
!
!
power inline powerup-mode staggered
spanning-tree mst configuration
name "3C-37-86-CB-9C-02"
!
!
!
!
!
snmp user "admin" "AUTH" auth md5 encrypted MoQ+ApVBxpb6ZLgxW91+2w==
!
!
!
!
!
ip http session-softtimeout 60
!
!
!
!
!
!
!
!
!
!
interface vlan15
ip address 192.168.15.20/24
interface vlan60
ip address 192.168.60.1/24
interface g1
!
interface g2
!
interface g3
switchport hybrid pvid 15
switchport hybrid allowed vlan add 15 untagged
switchport hybrid allowed vlan remove 1
!
interface g4
switchport hybrid pvid 15
switchport hybrid allowed vlan add 15 untagged
switchport hybrid allowed vlan remove 1
!
interface g5
switchport hybrid pvid 15
switchport hybrid allowed vlan add 15 untagged
switchport hybrid allowed vlan remove 1
!
interface g6
switchport hybrid pvid 15
switchport hybrid allowed vlan add 15 untagged
switchport hybrid allowed vlan remove 1
!
interface g7
!
interface g8
!
interface g9
!
interface g10
!
interface g11
!
interface g12
!
interface g13
!
interface g14
!
interface g15
!
interface g16
!
interface g17
!
interface g18
!
interface g19
!
interface g20
!
interface g21
switchport hybrid pvid 60
switchport hybrid allowed vlan add 60 untagged
switchport hybrid allowed vlan remove 1
!
interface g22
switchport hybrid pvid 60
switchport hybrid allowed vlan add 60 untagged
switchport hybrid allowed vlan remove 1
!
interface g23
switchport hybrid pvid 60
switchport hybrid allowed vlan add 60 untagged
switchport hybrid allowed vlan remove 1
!
interface g24
switchport hybrid pvid 60
switchport hybrid allowed vlan add 60 untagged
switchport hybrid allowed vlan remove 1
!
interface g25
!
interface g26
!
interface g27
!
interface g28
!
!
!
ip unicast-routing
ip route 0.0.0.0/0 192.168.15.1
ip route 192.168.15.0/24 192.168.15.1
ip route 192.168.60.0/24 192.168.15.1
!
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Tim_In_VA
Welcome to Community!
I notice there is 3 static route in the startup-config file, I'm afraid it's the root cause.
Could you please remove the second and third one, only keep the default route(ip route 0.0.0.0/0 192.168.15.1), then try again.
!
ip route 0.0.0.0/0 192.168.15.1
ip route 192.168.15.0/24 192.168.15.1
ip route 192.168.60.0/24 192.168.15.1
!
Beside:
Could you please check the route table from the Router, if there is back route to VLAN60 IP subnet(ip route 192.168.60.0/24 192.168.15.20)?
Hope it helps!
Regards,
EricZ
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Tim_In_VA
Welcome to Community!
I notice there is 3 static route in the startup-config file, I'm afraid it's the root cause.
Could you please remove the second and third one, only keep the default route(ip route 0.0.0.0/0 192.168.15.1), then try again.
!
ip route 0.0.0.0/0 192.168.15.1
ip route 192.168.15.0/24 192.168.15.1
ip route 192.168.60.0/24 192.168.15.1
!
Beside:
Could you please check the route table from the Router, if there is back route to VLAN60 IP subnet(ip route 192.168.60.0/24 192.168.15.20)?
Hope it helps!
Regards,
EricZ