Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

No Internet Access over VLAN 1

Status
Not open for further replies.
ProUser

ProUser

Technical User
Sep 13, 2011
60
GB
Hi,

This is my first post here so hope to find a solution from you guys..

I have a Netgear L3 Managed switch (GSM7324) and have configured 3 VLANs over it. But for some reason I am unable to access the internet through the VLANs. I am using a BT Business Router (BT2700HGV)

My config is as below:

VLAN 1 (Default) IP 169.254.100.100 Ports 12-24
VLAN 2 192.168.1.254 for connection to the Internet ADSL port 11
VLAN 3 192.168.2.1 port 1-5 and
VLAN 4 192.168.3.1 port 6-10

I have enabled default routing on the Switch to my ADSL Modem (192.168.1.1). I have also added two static routes on the ADSL (192.168.2.0 / 255.255.255.0 DG 192.168.1.254 and 192.168.3.0 / 255.255.255.0 DG 192.168.1.254)

I can ping the ADSL Modem, all the VLANs and the PCs on the VLANs but I don't have internet access with teh PCs on the VLANs.

Mo ADSL is working fine when i connect it directly to a PC.

Anything to do with the ADSL Router / Modem? Someone told me that the modem should support VLAN routing, which seems doubtful as I have enabled routing on each VLANs and the L3 switch is supposed to be doing all the VLAN routing bit??

Any idea what can be wrong?

Cheers.
 
Sort by date Sort by votes
I cant get to the internet through VLAN2.. PC connected to Port 12 and ADSL cable to Port 11. Cant Ping the router as well nor Port 12 (192.168.1.254)... I just uploaded a config that was working before.. weired!
 
Upvote 0 Downvote
I can run a ping from the Switch to any IP. Tried with 192.168.1.1, 8.8.8.8, 209.85.227.147 and i get reply for them all...
 
Upvote 0 Downvote
:) - You are not having much luck Pro.

Ok - you need to go back a step again. Check that the configuration for port 12 is actually on VLAN2. Then check that the PC is getting an IP address on 192.168.1.0/24

Cheers,
Scott
 
Upvote 0 Downvote
Hi Scott,

The config looks fine on port 12. I just checked, port 11 and 12 are for VLAN2.

When I have the PC on VLAN2 (Port 12) with no static IP, it does not give me an IP in the range of 192.168.1.xx. Instead am getting 169.254.245.234. What is that suppose to mean??

Do you think adding 8.8.8.8. or 208.67.222.222 / 208.67.220.220 in the DNS part of the L3 switch would help?
 
Upvote 0 Downvote
Hi Pro,

The 169.x.x.x address is assigned when no DHCP server responds (or something like that). Is DHCP active on the ADSL modem?

Cheers,
Scott
 
Upvote 0 Downvote
If you set up your vlan structure off of the model in the PDF, and you have your static routes set, and the IP's correspond to the correct ports, you should be able to connect via VLAN 2 at least.

According to your very first post, VLAN 2 is 1 port while 3 and 4 are the ports before and the default VLAN 1 the ones after. Port 12 falls into vlan 1, so as Deaks said, you need to make sure 12 is in 2.

If you went off the PDF, VLAN 2 consists of the physical connection to the Router, where as your VLAN 2 is only the physical connection to the Router with no additional ports.

If I was in your shoes, I would start fresh and copy exactly what is shown because this should be a fairly trivial procedure. If you do it that way, only setup VLAN 2 as shown and get it to work before moving on and possibly complicating it more.

I would go with what Deaks is saying first but eventually I would just start over.

"Silence is golden, duct tape is silver...
 
Upvote 0 Downvote
Doc is quite right.

All this playing around makes it easy to make mistakes, as I know too well first hand...

Cheers,
Scott
 
Upvote 0 Downvote
Upvote 0 Downvote
You definitely need to check the Router for two things,

1) is the physically connected port to the switch actually assigned 192.168.1.254?
2) is DHCP enabled as Deaks asked

If those are set correctly then, as I stated above

"Silence is golden, duct tape is silver...
 
Upvote 0 Downvote
I configured it 3 times to be honest, but as you said earlier it does not look to be with the Switch but more with the router. So I am just guessing if i do it again, will it really help finding the routing problem on the D-Link?
 
Upvote 0 Downvote
Have you been inside the config for the router yet? If so I missed it but this is a large thread :)

"Silence is golden, duct tape is silver...
 
Upvote 0 Downvote
Hi Pro,

Is port 12 definately on VLAN2? The last config post you did shows something slightly different between 11 and 12:

Code: 
interface  0/11
vlan pvid 2
vlan participation exclude 1
vlan participation include 2
exit

interface  0/12
vlan participation exclude 1
vlan participation include 2
exit

0/12 is missing the vlan pvid 2

Cheers,
Scott
 
Upvote 0 Downvote
Ok you are right, 0/12 is missing the vlan pvid 2. Thanks for reminding. I just added it.

Now the new config is

interface 0/11
vlan pvid 2
vlan participation exclude 1
vlan participation include 2


interface 0/12
vlan pvid 2
vlan participation exclude 1
vlan participation include 2
 
Upvote 0 Downvote
Sorry Pro.

I had seen the image, I should have been clearer in my question. I think the 'vlan pvid 2' is an important parameter and wanted to know if it is still missing in the current config. Usually this indicates which is the native VLAN the port belongs to. It might be confusing the switch to have it missing. I am just guessing though...

Cheers,
Scott
 
Upvote 0 Downvote
Hi Scott,

Going back to this now:

1. plug a PC into port 12 again (vlan2) and make sure it can ping 209.85.227.147 (2. start wireshark to monitor the router port
3. From the PC on vlan2, execute 'ping -l 100 86.2.106.208' (one of my external IP addresses)
4. From the PC on vlan3, execute 'ping -l 200 86.2.106.208'

I have network monitoring setup to look for ICMP packets, so we can check they are leaving and arriving here ok first.

I just did the ping, you might have it in your ICMP monitoring.

I have also attached the Wireshart report for this process.

 
Upvote 0 Downvote
Update:

I have added 192.168.1.1 in the DNS Server on the Switch and I can now ping yahoo.com etc.

Note that in the previous wireshark capture 192.168.1.1 was not in the DNS list
 
Upvote 0 Downvote
Hi Pro,

Did you ping the address from a PC on vlan3? (i.e. step 4) I cannot see anything in mirror trace, but there is something in my traces.

All the source address are ok - so the NAT'ing seems to be working if that is the case.

Cheers,
Scott
 
Upvote 0 Downvote
Look at page 9 of the PDF, this is what Deaks is talking about, is it set to the correct PVID for VLAN 2 here?

"Silence is golden, duct tape is silver...
 
Upvote 0 Downvote
Could you do a "show ip route" and "show vlan" commands on the switch?

"Silence is golden, duct tape is silver...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

CryptoTuke
  • Locked
  • Question
Maximum buffer size on Winsock for sending one block of data over TCP / IP
Replies
1
Views
415
maybeimaleo
maybeimaleo
SirBlack
  • Locked
  • Question
Internet connection problem
Replies
5
Views
96
kjv1611
kjv1611
DrB0b
  • Locked
  • Question
Multiple WiNG Zebra Access Points with possible issue
Replies
1
Views
258
DrB0b
DrB0b
F_Ionut
  • Locked
  • Question
TCP-IP over GPRS with Modbus
Replies
1
Views
122
robertjo24
robertjo24
nelsonsk2
  • Locked
  • Question
No Internet on VLAN but websites are resolving
Replies
7
Views
177
nelsonsk2
nelsonsk2

Part and Inventory Search

Sponsor

Back
Top