6 Replies Latest reply on Jul 18, 2012 7:52 PM by aburkholder

    VLAN issue

    aburkholder New Member

      I have a Netvanta 3305 router with a Dell PowerConnect switch connected to it.  We are replacing bridged T1's coming into the router with a fiber WAN connection coming into the Dell switch.  The other network uses different IP's.  Using the AOS guide for Inter-Lan routing I converted the connection between router and swtich to a VLAN trunk with subinterfaces lets say IP 192.168.1.0 tied to VLAN 1 and IP 192.168.2.1 tied to VLAN 200.  Then I created the firewall rules and moved them above my NAT rule per the guide.

       

      On the Dell switch I have default VLAN 1 and then VLAN 200 I created.  The port going to the fiber connection is configured for VLAN 200 with tagging on.   The port that connects to the trunk I created on the router is set to VLAN 1 untagged ( cannot set VLAN 1 to tagged on dell switches apparently) and also to VLAN 200 tagged so the switch knows both VLAN's can communicate over that port.

       

      At the other end of the fiber connection I have a NetVanta 1224STR.  All equipment at this end will be part of the "200" VLAN.

       

      I can communicate just fine with any equipment on VLAN 1 and Internet, as well as ping the 2 subinterfaces created on the trunk, however I cannot ping the 1224STR with IP 192.168.2.254 that is at the other end of the WAN link or any other equipment over the WAN.

       

      Do I need to actually configure any VLAN info on the 1224STR?  They all will be part of VLAN 200 which is specified on the Dell switch so I wouldn't think I would have to program the 1224 to say all ports are VLAN 200.

       

      I disconnected the old T1's and the Internet from the 3305 prior to testing to make sure i was testing just the fiber WAN.  I'm kind of at a loss since it seems no traffic can make it through the fiber WAN.

       

       

      I'm wondering if any of it has to do with using VLAN ID 1 on the switch and router.  Perhaps I should change all ports except for 1 (designated as management on VLAN 1) to VLAN 100 and then the port going to the fiber WAN connection as the VLAN 200 and change the trunk to allow VLAN 100 and 200.

        • Re: VLAN issue
          levi Employee

          aburkholder:

           

          Thank you for asking this question in the support community, and thank you for attaching the network diagram as well.

           

          It sounds like the design is set up correctly.  The NetVanta 3305 is setup as an 802.1q trunk with sub-interfaces in the proper VLANs.  The Dell switch has a trunk port connected to the NetVanta 3305, and a port in VLAN200 connected to the NetVanta 1224STR. 

           

          • Is the NetVanta 1224STR setup in routing mode, or is it only acting as a switch?
          • Does it have a default route or default-gateway pointed to the NetVanta 3305 at 192.168.2.1?
          • When you said you could not ping the IP of the 1224STR, what address were you pinging from?

           

          If you would like to reply to this post and attach a copy of the NetVanta 3305 and NetVanta 1224STR, I will be happy to review them for you (please, make sure to remove any information that may be sensitive to your organization).

           

          Levi

            • Re: VLAN issue
              aburkholder New Member

              The 1224STR is in routing mode both because of the T1's that were in place, but also that network currently has its own internet access serving that end.  There isn't any internet traffic over the WAN link.

               

              Currently the 1224STR has a route to the IP range (192.168.1.0/255.255.255.0) programmed as a static link over the PPP link created by the bridged T1's.

               

              I can try and clean up a printout of the configs to send if still needed.  I'm wondering however if that static ppp 1 link is part of the issue.

                • Re: VLAN issue
                  levi Employee

                  aburkholder:

                   

                  With the T1s and PPP link removed, then the static route will have to be changed to have 192.168.2.1 as the next hop to get to the 192.168.1.0/255.255.255.0  network (The command is ip route 192.168.1.0 255.255.255.0 192.168.2.1).  If removing the previous static route, and adding the new one, does not correct the issue, please reply with the configurations.

                   

                  Levi

                    • Re: VLAN issue
                      aburkholder New Member

                      Ok, I will give that a shot.  I will also have a static route on the 3305 saying ip route 192.168.2.0 255.255.255.0 192.168.1.1 for traffic in that direction.   I'm not going to have an opportunity to take the links down until Friday, but I think this should fix it.

                       

                      Thanks for your help.

                       

                      Alvin

                        • Re: VLAN issue
                          levi Employee

                          Alvin:

                           

                          You will not need a route on the NetVanta 3305 for the 192.168.2.0 /24 network, because that network will be directly connected via the sub-interface.  As far as the 3305 is concerned, everything on the 192.168.2.0 /24 network is all directly connected.

                           

                          I hope that makes sense, but please do not hesitate to reply with any additional questions or information.  I will be happy to help in any way I can.

                           

                          Levi

                            • Re: VLAN issue
                              aburkholder New Member

                              That makes sense.  I was able to slide in this evening and try it out.  Removing the static route for the old PPP link and adding the hop to the VLAN sub-interface plus changing which port was Tagged/Untagged on the VLAN 200 I created on the switch seems to have gotten it up and running.  A few days of using it will tell more but I may have to investigate more as to why I'm not really noticing a big increase in file transfer speeds and ping times were actually almost doubled moving up to the 20 Mbps connection vs the 2 bridged T1's (3 Mbps).

                               

                              Thanks for all your help.