Business Community > Controllers > Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc
< Controllers

Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc

Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc

Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc
Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc
Monday - last edited Yesterday
Tags: #Controller #VLAN & Multi-Networks
Model: OC200   ER7206 (TL-ER7206)   TL-SG2428P  
Hardware Version: V1
Firmware Version: 5.xx

I’m managing my network with an OC200 + ER7206 + Managed Switch setup.

My goal is to access and manage a ZTE router (IP: 10.10.10.254) located in VLAN 10 (subnet 10.10.10.0/24) from my Admin LAN (192.168.0.0/24).

 

Here’s my configuration summary:

 

Gateway: ER7206 (managed by OC200)

 

Admin VLAN (Default): 192.168.0.0/24

 

LAN_OLD_Switch (VLAN 10): 10.10.10.0/24

 

ZTE Router: Static IP 10.10.10.254 (DHCP Off)

 

Controller: OC200

 

ACL: Permit Admin → VLAN 10 (LAN→LAN rule)

 

Static Route Attempt: Tried 10.10.10.254/32 → Admin (Default) but no result

 

 

Currently, I can reach VLAN 10 devices only if my PC is manually set to the 10.10.10.x subnet.

Ping from 192.168.0.x → 10.10.10.254 returns “Destination host unreachable” from 192.168.0.1.

 

What I need help with:

 

Confirm the correct way to enable inter-VLAN routing in the OC200 interface or directly on the ER7206 (new firmware hides the toggle).

 

Verify if any additional static routes or ACL rules are required.

 

Ensure that this setup allows Admin LAN devices to reach 10.10.10.254 without breaking VLAN isolation.

 

 

Any advice or screenshots from a similar configuration would be appreciated!

 

Hardware / Versions:

 

TP-Link ER7206 v1.x

 

OC200 Controller (Omada SDN 5.x)

 

Managed Switch with Port 24 as Access VLAN 10

 

ZTE F670L connected via Easy-Manage Switch

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc-Solution
Yesterday - last edited Yesterday

Hi  @A_Mansoor 

 

Thanks for posting here:

As GRL mentioned, different VLAN interfaces can communicate with each other by default, so no additional ACL configuration is required to allow access between them.

The main reason of this situation is likely related to the connection settings of the ZTE router.

Generally, routers(with NAT) block data access from the WAN side. Here are some suggestions to avoid this:

  1. Is 10.10.10.254 the WAN IP or LAN IP of the ZTE router? It is recommended to set it as the WAN IP. If it's LAN IP, the access will be blocked by the NAT or the ZTE router;
  2. Simply disable NAT on the ZTE router and configure it in Access Point mode.
Wish you a happy life and smooth network usage!  >Omada US Enterprise Beta Program Launch< >Get the Latest Omada SDN Controller Releases Here< >Experience the Latest Omada EAP Firmware<
Recommended Solution
  0  
  0  
#4
Options
3 Reply
Re:Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc
Monday

  @A_Mansoor How are your VLANs set up? Can you please send a screenshot of the configuration page? 
 

  0  
  0  
#2
Options
Re:Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc
Monday

  @A_Mansoor 

 

By default, unless you specifically isolate VLANs with either ACLs or the new "Isolated network" freature, all vlans can openly communicate both ways

 

You dont need a static route for inter-vlan routing if you are not switch routing (you probably arent) - but you need to make sure that all devices are using the router IP for their respective vlan as the DHCP.Static Gateway IP setting.  If it isnt set, the end device can only communicate with devices on their vlan.

 

The ZTE router - are you plugged into its WAN or its LAN port from your switch?

  0  
  0  
#3
Options
Re:Need Help – Inter-VLAN Access from Admin LAN (192.168.0.x) to VLAN 10 Device (10.10.10.254) oc-Solution
Yesterday - last edited Yesterday

Hi  @A_Mansoor 

 

Thanks for posting here:

As GRL mentioned, different VLAN interfaces can communicate with each other by default, so no additional ACL configuration is required to allow access between them.

The main reason of this situation is likely related to the connection settings of the ZTE router.

Generally, routers(with NAT) block data access from the WAN side. Here are some suggestions to avoid this:

  1. Is 10.10.10.254 the WAN IP or LAN IP of the ZTE router? It is recommended to set it as the WAN IP. If it's LAN IP, the access will be blocked by the NAT or the ZTE router;
  2. Simply disable NAT on the ZTE router and configure it in Access Point mode.
Wish you a happy life and smooth network usage!  >Omada US Enterprise Beta Program Launch< >Get the Latest Omada SDN Controller Releases Here< >Experience the Latest Omada EAP Firmware<
Recommended Solution
  0  
  0  
#4
Options

Information

Helpful: 0

Views: 103

Replies: 3

Tags

Controller VLAN & Multi-Networks
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.