Menu
What's new
By:
Filters Better Search

Netgear m4100-D12G inter vlan access

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

W

wilfred

New Around Here
Hello


I was following the article http://www.smallnetbuilder.com/lanw...ow-to-use-a-layer-3-switch-in-a-small-network
- more or less.

In my setup the Netgear m4100 is connected to a LAN port on an Asus RT-N66u router.
The m4100 switch has a static IP of 192.168.1.250 (set via USB/serial console)

I have 2 extra VLANs (+ a VLAN99) VLAN3 and VLAN5.
Ports 3&4 are assigned to VLAN3, Ports 5&6 are assigned to VLAN5.

I followed the instructions of the above article. In my case VLAN3 has the gateway IP of 192.168.3.250 and VLAN5 has gateway IP of 192.168.5.250.
(VLAN1 has the gateway of .1.250)

I connected a PC on port 3 and another on port 5.
These PCs have static IPs of 3.10 (gateway 3.250) and 5.10 (Gateway 5.250)

Each PC can access the internet.
They can access all the gateway IPs (1.250, 3.250, 5.250)
They can of course access the Asus router (192.168.1.1)

However they cannot access each other.
e.g 3.10 cannot ping 5.10 (and vice versa)

I tried with DHCP too. The PCs get a proper DHCP address (3.1 and 5.1) and just as with static IP, they can access the internet, the router, other gateway IPs. But not each other.

What do I need to do to access across VLANs?

Any help is appreciated.
 
Unfortunately I have not worked with the type switch you have so I can't tell you exactly how to do this but you need to set up static routes so the networks can see each other. It looks like your switch is a Layer 2+, meaning it supports some layer 3 switch features like static routes. Without the route statements the switch does not know how to make the subnets talk to each other.
Step 9 on the article you linked to showed the routes for their example. You may be able to use that and adapt it to your situation.
 
Last edited:
Are you able to run debugs on these devices? like for example see what the arp packets look like or pings. I find it interesting that the PCs can access their default gateways and the internet but not other hosts in other VLANs. Did you need to configure a trunk link between the switch and the router so that VLAN traffic could pass through it?
 
Thanks for the replies.

The learned routes are similar to the ones mentioned in the article in smallnetbuilder- step9.

I did check using wireshark on the PC. The ping packet is sent. But no other packets are visible (except some STP stuff). When the ping succeeds it shows much more packets as expected.

Doing a traceroute to say .5.10 from 3.10 shows it is accessing the gateway on the first line. After that it times out

1ms 1ms 1ms 192.168.3.250 (This is the gateway for Vlan 3)
* * * Request Timed out
 
A couple things to check.

1. Enable IP routing on the switch via Routing-IP-Basic-IP Configuration. Make sure Routing Mode = Enable.

2. Check your M4100's route table via Routing-Routing table. You should see a route table showing the following:
⦁ A static default route of 0.0.0.0/0 with a next hop interface = vlan 1 and next hop ip = 192.168.1.1.
⦁ A connected route of 192.168.1.0/24 with a next hop interface = vlan 1 and next hop ip = 192.168.1.250.
⦁ A connected route of 192.168.3.0/24 with a next hop interface = vlan 3 and next hop ip = 192.168.3.250.
⦁ A connected route of 192.168.5.0/24 with a next hop interface = vlan 5 and next hop ip = 192.168.5.250.

3. Try the ping utility in the Maintenance menu. Can you ping your PCs on VLAN 3 and VLAN 5 from the switch?

Items 2 and 3 above may help identify the issue.
 
Progress !!

@dreid

Thanks very much for the tip about the firewall.
I reapplied the connections (forgot to save config earlier) and by enabling access on windows firewall (on each PC) I can now successfully ping from 192.168.3.1 to 192.168.5.1 and vice versa.

However from the PCs in the 3 & 5 VLans (3.1 & 5.1) I cannot ping any PC connected on vlan1 - whether that PC is connected via the switch or via wireless/wired on the Asus router. (I have of course enabled the same incoming firewall rules on PCs on VLan 1)

However PCs on Vlan1 can ping all PCs on other Vlans.

So currently as it stands
PCs on vlans 3 & 5
- can access each other and the internet and ping 192.168.1.250 and 192.168.1.1
- cannot access PCs on Vlan1 (192.168.1.x)

PCs on vlan 1
- can access all PCs on all Vlans and the internet.

On my Asus router I have the following static routes
192.168.3.0/24, Gateway 192.168.1.250
192.168.5.0/24, Gateway 192.168.1.250

The routing table of the m4100 is exactly as described in pt #2 of the previous post.

A tracert to a PC on Vlan1 (192.168.1.241) from 3.1 fails as follows
1ms 1ms 1ms 192.168.3.250 (This is the gateway for Vlan 3)
* * * Request Timed out

What am I missing.
 
You must log in or register to reply here.

Similar threads

P
Tutorial Subnetting isolation without a VLAN switch
Replies
6
Views
1K
Justinh
J
E
ASUS Merlin router and Cisco L3 Switch: clients in VLANs not picking up DNS server
Replies
1
Views
2K
ewon_c
E
M
Inter-vlan Routing
Replies
7
Views
4K
coxhaus
C
K
Home Business setup with vlans and security cams
Replies
13
Views
4K
klinkenok
K
T
Vlan configuration - Netgear GS108E
Replies
4
Views
5K
TomT
T
Similar threads
Thread starter Title Forum Replies Date
D Netgear GS305EPP Port 4 Untrusted? Switches, NICs and cabling 5

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 701 (members: 23, guests: 678)
Top