Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't establish connection between hosts on 2 different vlans

    Firewalling
    2
    5
    358
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lmurarka
      last edited by lmurarka

      Hi, I'm working with two Netgear 7100-1u firewall appliances to replace my existing routers in my office.

      I believe I have configured all my interfaces, vlans, and rules correctly, however I can't ping between my host and core switch which are on different vlans.

      I have my network staged at my desk, my host is 10.0.6.9/24 attached to access switch which is trunked to my core switch stack on 10.0.0.126/24.

      Core switch ports are in trunk mode to router switch ports.
      DHCP Server works and leases out my reserved IP 10.0.6.9/24.

      I configured the firewall rules to be open to any.

      I've looked at the firewall logs and it appears that the deny all rule built in may be causing my issue.

      Is there something missing or mis-configured?

      Any help would be much appreciated.

      See attached
      Switch_vlans.PNG Switch_ports.PNG Rules_mgmt.PNG Rules_lan3.PNG Route_table.PNG Ping_mgmt-switch.PNG Ping_mgmt-lan3.PNG Ping_lan3-switch.PNG Ping_host-switch.PNG Interface_vlans.PNG Interface_assignments.PNG

      1 Reply Last reply Reply Quote 0
      • Z
        Zawi
        last edited by

        What is the default route in the switch?

        1 Reply Last reply Reply Quote 0
        • L
          lmurarka
          last edited by

          Core switch is in layer 2 mode with vlan tagging, no layer 3 or default route on switch. I currently have 3 switch ports, on 3 different vlans, trunked(tagged) to 3 ethernet ports on xg-7100 router.

          1 Reply Last reply Reply Quote 0
          • Z
            Zawi
            last edited by

            ok it is L2 , but there is an IP 10.0.0.126/24 (Switch IP). if yes , this IP needs to know how to go to 10.0.6.9/24 .

            Which Switch do you have?

            L 1 Reply Last reply Reply Quote 0
            • L
              lmurarka @Zawi
              last edited by

              @Zawi You are correct, no default gateway was set on my cisco switch stack for my virtual management IP of 10.0.0.126/24. Set gateway to 10.0.0.1, problem solved!

              Thanks dude, made my day! Happy 4:20!!! from Vancouver, BC, Canada

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.