Completely puzzled

Routing and Multi WAN
Log in to reply
  • J

    I am not sure what I am messing up.  I have my configuration pretty basic at the moment and yet I can not get my vlans to talk to the outside world

    |–------> Cisco SF300-48P
                                                          |
    PFSENSE -------->  Cisco SG300-20 --|
                                                          |
                                                          |--------> Cisco SG300-10MPP---------> UniFi AP-AC-Pro

    PFSENSE CONFIGS:

    | | |
    | | |
    | | |

    • DHCP on all internal networks

    • All VLANS currently have the same firewall rules

    • All switches in layer2 config

    All Switches:

    • All switches are able to grab a management IP address from VLAN99 DHCP Reserved IPs

    • All switches are able to ping gateways of all VLANS

    • All switches are able to ping LAN gateway

    • All switches are able to ping 8.8.8.8 (Google DNS)

    • All switches FAIL to ping hostname google.com

    Switch1 CONFIGS:

    • GE17  PFSENSE - TRUNK

    • GE19  SWITCH 2 - TRUNK

    • GE20  SWITCH 3 - TRUNK

    | | |
    | |

    Switch2 CONFIGS:

    • GE1  AP1 - TRUNK

    • GE10  SWITCH 1 - TRUNK

    | | |
    | |

    Switch3 CONFIGS:

    • GE4  SWITCH 1 - TRUNK

    | | |
    | |

    0
  • GentleJoe

    Did you configure, Firewall-NAT-Outbound ?

    Did you enable a DHCP server to exist/allow access on each vlan?

    0
  • J

    Yes there is a DHCP on each VLAN.  I did not configure any thing in the NAT rules.  Only the automatic rules have been created

    If I am on the default vlan/LAN then I have internet access.

    0
  • Derelict
    LAYER 8 Netgate

    All switches are able to grab a management IP address from VLAN99 DHCP Reserved IPs
        All switches are able to ping gateways of all VLANS
        All switches are able to ping LAN gateway
        All switches are able to ping 8.8.8.8 (Google DNS)
        All switches FAIL to ping hostname google.com

    That is the only actual trouble description you gave so…

    Your switches cannot resolve DNS. Fix that.

    0
  • johnpoz
    LAYER 8 Global Moderator

    If you want your switches to resolve dns, that has to be set

    https://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=5fa907c56103465e86b7f56ca946efe7_Configuration_of_a_DNS_Server_on_a_SF200_Series_Device.xml&pid=2&converted=0
    Add a DNS Server on the 200/300 Series Managed Switches

    0
  • G

    I'm not sure I understand your problem. Your switches can ping 8.8.8.8 so indeed they can talk to the outside world. What is what does not work? Regular hosts plugged onto those switches are the ones that can't?

    Also, why all ports on all switches are set up as trunks? Shouldn't you have at least some access ports where you plug in your hosts?

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy