Inter-VLAN communication not working
Problem:
Devices cannot connect directly to (or ping) devices in a different VLAN.
Notes:
-The router, switches, and access points are on VLAN1 (untagged) and have static IPs without conflicts, same subnet mask (255.255.255.0), and default gateway (192.168.1.1).
-The Router and APs are controlled by the Hardware Controller but the switches are set up in standalone mode.
-VLANs 2, 3, and 4 (all tagged) are also set up on the router, switches, and APs.
-All devices on the network are connected to the internet.
-No ACLs have been created.
Hardware Layout:
TL-ER7206 Router (192.168.1.1)
| |
TL-SG3452P switch (.1.2) TL-SG3210XHP-M2 switch (.1.3)
| | |
OC200 hardware controller (.1.9) three EAP660HD access points (.1.11-13) three TL-SG2008 switches (.1.5-7)
Dear @DannyZ,
DannyZ wrote
Problem:
Devices cannot connect directly to (or ping) devices in a different VLAN.
Notes:
-The router, switches, and access points are on VLAN1 (untagged) and have static IPs without conflicts, same subnet mask (255.255.255.0), and default gateway (192.168.1.1).
-The Router and APs are controlled by the Hardware Controller but the switches are set up in standalone mode.
-VLANs 2, 3, and 4 (all tagged) are also set up on the router, switches, and APs.
-All devices on the network are connected to the internet.
-No ACLs have been created.
What kind of devices are unable to communicate across VLANs? Are they connected via LAN or WLAN?
Could you please log in to the Controller and provide the Wired Networks -> LAN -> Network page for checking?
What's the detailed firmware version of your router and switches?
Router: TL-ER7206 v1.0 (firmware: 1.2.0)
Switches: TL-SG3452P v1.0 (firmware: 1.1.1)
TL-SG3210XHP-M2 v1.0 (firmware: 1.0.6)
TL-SG2008 v3.0 (firmware: 3.0.2)
APs: EAP660 HD(US) v1.0 (firmware: 1.1.0)
Specific devices affected are the following.
Wired to the SG3452P switch:
-Western Digital MyBook drive
-WD MyCloud drive
-Denon HEOS AVR-S960H receiver/amplifier
-various desktop computers
-various TVs and streaming media devices
Connected wirelessly to the APs which are connected to the TL-SG3210XHP-M2 switch:
-various Apple iPhones
-various laptops
Phones (on VLAN1) using the HEOS application cannot find the HEOS device (on VLAN3) unless the phone connects to the VLAN3 wifi. Computers on any VLAN other than VLAN1 cannot connect to the network drives that are on VLAN1. I've attempted to ping various devices on different VLANs and they always fail.
Wired Networks -> LAN -> Network page:
To show ACLs are disabled:
VLAN3 is for media devices
Dear @DannyZ,
DannyZ wrote
Specific devices affected are the following.
Wired to the SG3452P switch:
-Western Digital MyBook drive
-WD MyCloud drive
-Denon HEOS AVR-S960H receiver/amplifier
-various desktop computers
-various TVs and streaming media devices
Connected wirelessly to the APs which are connected to the TL-SG3210XHP-M2 switch:
-various Apple iPhones
-various laptops
To confirm, are the devices above obtaining correct IP addresses from the corresponding VLAN?
Is there any error message when devices fail to connect to devices in a different VLAN?
Please test with the desktop computers or laptops in different VLANs: try to ping by IP address and see if it is successful.
Some firewalls on the PC may block the ping requests; you may disable the firewalls for checking.
All devices in each VLAN are being assigned an appropriate IP address. They can all connect to the internet. There haven't been any other issues with connectivity.
All firewalls on the router and computers have been disabled during testing. This has not resolved the issue.
I have seen web error 403 when trying to access the web interface of devices on different VLANs.
Pinging any device in a different VLAN always fails. 100% loss of packets.
Actually... I tried again and pinging some devices is actually coming back successful. The WD MyCloud drive is returning the 403 error. A quick internet search on that shows that specific device will not allow communication from any other subnet by default (regardless of VLANs). So that explains the issue with that specific device.
Give me a day to rearrange devices and retest this problem to verify it is still an issue.
Correction: I can successfully ping devices in other VLANs and can access their web interfaces (for those that have them).
Maybe this should become a new post now that my problem is more specific but I will ask it here first.
1.) The real problem is accessing a Denon AVR-S960H audio/video receiver (on VLAN4) via the HEOS app from a mobile phone connected wirelessly to VLAN1. Internet searches make this seem like a common problem often resolved using mDNS and IGMP proxy settings. I am unable to find any settings like that on any of the TP-Link equipment I'm using.
2.) In the switch settings under L2 Features > Multicast > IGMP Snooping, should each switch have IGMP snooping querier enabled and if so should the querier IP be that of the router or another device?
Dear @DannyZ,
DannyZ wrote
Correction: I can successfully ping devices in other VLANs and can access their web interfaces (for those that have them).
Maybe this should become a new post now that my problem is more specific but I will ask it here first.
1.) The real problem is accessing a Denon AVR-S960H audio/video receiver (on VLAN4) via the HEOS app from a mobile phone connected wirelessly to VLAN1. Internet searches make this seem like a common problem often resolved using mDNS and IGMP proxy settings. I am unable to find any settings like that on any of the TP-Link equipment I'm using.
Thank you for your valued update on the case.
I'm afraid that the TP-Link gateway doesn't support an mDNS repeater across VLANs at present. This has already been submitted as a feature request to the TP-Link team. Further research and development on this feature is on the way. I think the mDNS repeater feature will be supported in 2022, probably in Q2 or Q3 (just for your reference only).
The multicast settings seem to be the primary fix according to other HEOS users. What is the proper configuration of multicast queriers with multiple VLANs? Should a querier be enabled on every VLAN, none of them, or one of them? What should the querier IP address be with my setup described in the original post?
Thanks again for all your help!