[SOLVED] VLAN/Firewall Configuration Problem
-
I'm having a problem with my VLAN configuration. I've followed guides on how to do this to the letter, but it's still not working. My setup is as follows:
VLAN 10: HomeLAN, 192.168.1.0/24
VLAN 20: LAB, 192.168.2.0/24
Both VLANs are assigned to subinterfaces on the LAN side. Screenshot of the router config.Same VLANs are defined on the switch as well. Ports 1-5 are assigned to VLAN 10, 6 and 7 are assigned to VLAN 20, 8 is a trunk port which goes to the router. Screenshot of the switch config.
I've also defined firewall rules allowing traffic on each VLAN interface. Screenshot.
VLAN 10 works fine; I can reach the internet and ping hosts in both VLANs. However, hosts in VLAN 20 can do none of those things; pings fail and the internet is unreachable, however they are able to receive DHCP addresses from the router. I've tried rebooting the router to no avail. What am I missing here? Everything appears to be configured correctly, yet it's not working.
-
Did you turn off automatic NAT?
Everything else looks good.
-
Sorry for the late reply, but I just now figured it out. Firewall rules default to only allowing TCP traffic, which was why my pings weren't going through. Changed it to allow all protocols, and everything works now.
-
Yeah I missed that in your screenshot. Sorry. Glad you found it.
