Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    netgate XG7100U Intervlan, help please :c

    Scheduled Pinned Locked Moved
    L2/Switching/VLANs
    3
    7
    404
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MiguelMolina
      last edited by MiguelMolina

      We just bought a netgate XG7100U, the problem arises when I need to add a vlan to the Layer 3 switch, read the documentation and add vlan 4092 (192.168.2.1/24) to port 8 as trunk and 7 as access or unlabeled, configure port 1 of the dlink switch as trunk for vlan 4092 and another as unlabeled for 9, the PC (192.168.2.101/24) and I don't have ping connectivity to the netgate switch (the vlan works correctly on the switch).

      I just connected my laptop to port 7 of the firewall that is untagged and I don't have a ping response either.

      etherswitch0: VLAN mode: DOT1Q
      port1:
      pvid: 4090
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (none)
      status: no carrier
      port2:
      pvid: 4091
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (1000baseT <full-duplex>)
      status: active
      port3:
      pvid: 4091
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (none)
      status: no carrier
      port4:
      pvid: 4091
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (none)
      status: no carrier
      port5:
      pvid: 4091
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (none)
      status: no carrier
      port6:
      pvid: 4091
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (none)
      status: no carrier
      port7:
      pvid: 4092
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (1000baseT <full-duplex,master>)
      status: active
      port8:
      pvid: 4092
      state=8<FORWARDING>
      flags=0<>
      media: Ethernet autoselect (none)
      status: no carrier
      port9:
      pvid: 1
      state=8<FORWARDING>
      flags=1<CPUPORT>
      media: Ethernet 2500Base-KX <full-duplex>
      status: active
      port10:
      pvid: 1
      state=8<FORWARDING>
      flags=1<CPUPORT>
      media: Ethernet 2500Base-KX <full-duplex>
      status: active
      laggroup0:
      members 9,10
      vlangroup0:
      vlan: 1
      members none
      vlangroup1:
      vlan: 4090
      members 1,9t,10t
      vlangroup2:
      vlan: 4091
      members 2,3,4,5,6,9t,10t
      vlangroup3:
      vlan: 4092
      members 7,8t

      98146bb2-1a67-460f-96db-22a448db8b0e-image.png

      f61a6247-6315-4184-a6d9-93435380962f-image.png

      4fff6ba4-0895-4d1e-aa13-87695366b9a9-image.png

      a41ad498-b604-4e49-b36d-939a2f5ee151-image.png

      f682664d-0f0c-4004-8d90-850ed4a6a5a2-image.png

      ba5a146d-a356-4222-a8d7-15bbaa1d3e5f-image.png

      ffafba58-ba0a-4a98-be93-184c1bc18515-image.png

      M 1 Reply Last reply Reply Quote 0
      • M
        MiguelMolina @MiguelMolina
        last edited by

        @MiguelMolina HELPPP

        1 Reply Last reply Reply Quote 0
        • M
          marvosa
          last edited by

          Is your L3 capable switch actually implemented as an L3 switch? In other words, is routing enabled and are you using it for inter-VLAN routing?

          1 Reply Last reply Reply Quote 0
          • M
            MiguelMolina
            last edited by

            I do not need routing, this equipment by default has two vlans per VLAN WAN 4090 (PORTS 1,9t, 10t), VLAN LAN 4091 (PORTS 2,3,4,5,6,9t, 10t), I created the vlan 4092 LAN2 (7,8t) connect a laptop to port 7 that is untagged and I do not receive ping from this equipment, since it is on the same subnet, also check the rules of the LAN2 interface and do not even have input packets.

            1 Reply Last reply Reply Quote 0
            • M
              marvosa
              last edited by marvosa

              One thing to remember is some switch vendors use the term "trunk" differently than Cisco does. So, depending on what the vendor defines as a "trunk", you may not be connected the way you think.

              You need to tag 4091 and 4092 on the link between PFsense and your switch and then make sure the access ports on your switch are in the correct VLAN.

              Also, typically the WAN is connected to a physical routed port. Do we know why the WAN is on a VLAN? Not that it can't be, but it can add some complexity.

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by Derelict

                Don't set the PVID on port 8 to the tagged VLAN ID. Leave it 4091 or set it to something unused.

                In order for lagg0.4092 to receive any traffic you also need to add 9t and 10t as tagged ports.

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • M
                  MiguelMolina
                  last edited by MiguelMolina

                  gracias por su atención, solucione mi problema ;)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post