I have an ER8411 router and a TL-SG1218MPE switch. I'd like to create a new VLAN 20 that uses IP range 10.20.0.0/16. For now, I'm just trying to get the basic configuration working.

 

The setup that I want is this:

• All devices plugged into the switch should be on VLAN 20
• I should still be able to reach the switch from VLAN 1 in order to manage it.
• The ER8411's port 7 is connected to the TL-SG1218MPE's port 18.
• Devices on VLAN 20 should still be able to access some new VLANs I'm planning to create, but not all of them. That's a future thing though - I guess I'll need firewall rules for that. For now I'm just trying to get a super basic setup working.

 

On the ER8411

Network > LAN > Network List, added a new LAN with this configuration:

IP Address: 10.20.0.1

Subnet mask: 255.255.0.0

VLAN: 20

DHCP Mode: DHCP Server

Starting IP: 10.20.2.1

Ending IP: 10.20.2.255

 

Network > VLAN > VLAN List:

Added a new VLAN with VLAN ID 20 and ports set to 7 (TAG)

 

I modified VLAN 1 so that port 7 is TAG rather than UNTAG
I set the PVID for port 7 to VLAN 20

 

 

On the TL-SG1218MPE

VLAN > 802.1Q VLAN:

Enabled it

Added VLAN 20 with 1-17 as untagged ports and 18 as tagged port

Edited VLAN 1 to only have port 18 as a member, as a tagged port

 

What works

I'm able to access the switch from a computer in VLAN 1.

 

What's broken

I connected a computer to a port on the switch for testing.

• DHCP isn't working
• If I configure a static IP manually, I can ping other computers connected to the same switch, but I can't ping the gateway (10.20.0.1) - it just times out. Because of that, I also can't ping any devices on VLAN 1 either. I've read conflicting information about whether devices on different VLANs can reach each other by default.

 

Any ideas? Am I doing something obviously wrong?

 

Thanks!