netgate XG7100U Intervlan, help please :c



  • We just bought a Netgate XG7100U. The problem arises when I need to add a VLAN to the Layer 3 switch. I read the documentation and added VLAN 4092 (192.168.2.1/24) to port 8 as trunk and port 7 as access (untagged). I configured port 1 of the D-Link switch as trunk for VLAN 4092 and another as untagged for 9, the PC (192.168.2.101/24), and I don't have ping connectivity to the Netgate switch (the VLAN works correctly on the switch).

    I just connected my laptop to port 7 of the firewall that is untagged and I don't have a ping response either.

    etherswitch0: VLAN mode: DOT1Q
    port1:
    pvid: 4090
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (none)
    status: no carrier
    port2:
    pvid: 4091
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
    port3:
    pvid: 4091
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (none)
    status: no carrier
    port4:
    pvid: 4091
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (none)
    status: no carrier
    port5:
    pvid: 4091
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (none)
    status: no carrier
    port6:
    pvid: 4091
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (none)
    status: no carrier
    port7:
    pvid: 4092
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (1000baseT <full-duplex,master>)
    status: active
    port8:
    pvid: 4092
    state=8<FORWARDING>
    flags=0<>
    media: Ethernet autoselect (none)
    status: no carrier
    port9:
    pvid: 1
    state=8<FORWARDING>
    flags=1<CPUPORT>
    media: Ethernet 2500Base-KX <full-duplex>
    status: active
    port10:
    pvid: 1
    state=8<FORWARDING>
    flags=1<CPUPORT>
    media: Ethernet 2500Base-KX <full-duplex>
    status: active
    laggroup0:
    members 9,10
    vlangroup0:
    vlan: 1
    members none
    vlangroup1:
    vlan: 4090
    members 1,9t,10t
    vlangroup2:
    vlan: 4091
    members 2,3,4,5,6,9t,10t
    vlangroup3:
    vlan: 4092
    members 7,8t




  • @MiguelMolina HELPPP



  • Is your L3 capable switch actually implemented as an L3 switch? In other words, is routing enabled and are you using it for inter-VLAN routing?



  • I do not need routing. By default this equipment has two VLANs: VLAN WAN 4090 (ports 1, 9t, 10t) and VLAN LAN 4091 (ports 2, 3, 4, 5, 6, 9t, 10t). I created VLAN 4092 LAN2 (7, 8t) and connected a laptop to port 7, which is untagged, and I do not receive ping from this equipment, since it is on the same subnet. I also checked the rules of the LAN2 interface and it does not even have input packets.



  • One thing to remember is some switch vendors use the term "trunk" differently than Cisco does. So, depending on what the vendor defines as a "trunk", you may not be connected the way you think.

    You need to tag 4091 and 4092 on the link between pfSense and your switch and then make sure the access ports on your switch are in the correct VLAN.

    Also, typically the WAN is connected to a physical routed port. Do we know why the WAN is on a VLAN? Not that it can't be, but it can add some complexity.


  • LAYER 8 Netgate

    Don't set the PVID on port 8 to the tagged VLAN ID. Leave it 4091 or set it to something unused.

    In order for lagg0.4092 to receive any traffic you also need to add 9t and 10t as tagged ports.
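
The two corrections in the reply above, as an added example that is not part of the original thread or Netgate's own code: a Python check over etherswitchcfg-style text that flags VLAN groups where a CPU port is not a tagged member, and trunk ports whose PVID equals a VLAN they carry tagged. The `audit` helper, its finding labels and the abbreviated sample listing are constructed for illustration.

```python
import re

# Constructed sample: abbreviated etherswitchcfg-style listing modelled on the
# first post (ports 7-10 and the 4091/4092 groups only).
SAMPLE = """\
port7:
pvid: 4092
port8:
pvid: 4092
port9:
pvid: 1
flags=1<CPUPORT>
port10:
pvid: 1
flags=1<CPUPORT>
vlangroup2:
vlan: 4091
members 2,3,4,5,6,9t,10t
vlangroup3:
vlan: 4092
members 7,8t
"""

def audit(text):
    """Hypothetical helper: return sorted (issue, vlan, port) findings."""
    pvid, cpu, vlans, port, vlan = {}, set(), {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"port(\d+):", line):
            port = int(m.group(1))
        elif m := re.fullmatch(r"pvid: (\d+)", line):
            pvid[port] = int(m.group(1))
        elif "CPUPORT" in line:
            cpu.add(port)
        elif m := re.fullmatch(r"vlan: (\d+)", line):
            vlan = int(m.group(1))
        elif line.startswith("members ") and vlan is not None:
            vlans[vlan] = {int(p): t == "t" for p, t in re.findall(r"(\d+)(t?)", line)}
            vlan = None  # lagg "members" lines have no preceding "vlan:" and are skipped
    findings = []
    for vid, members in vlans.items():
        if not members:
            continue  # e.g. "members none"
        # The firewall's VLAN interface only sees frames that reach the CPU ports tagged.
        findings += [("cpu-not-tagged", vid, p) for p in cpu if not members.get(p)]
        # A trunk port should not use the tagged VLAN's ID as its PVID.
        findings += [("pvid-on-tagged", vid, p) for p, t in members.items()
                     if t and pvid.get(p) == vid]
    return sorted(findings)

print(audit(SAMPLE))
```

On the sample, VLAN 4091 passes and VLAN 4092 produces three findings; adding `9t,10t` to its members and moving port 8's PVID to 4091 clears them.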



  • Thank you for your attention, I solved my problem ;)

