ER7206: Members of added VLANs cannot ping each other.
Members of added VLANs, excluding the factory default non-removable vlan, cannot ping each other. They can ping internet web pages. Members of the factory default vlan can ping each other, internet web pages, and members of other vlans.
When peforming a tracert, no routing information is returned for added vlan IPs.
How do I enable it so members of added vlans can ping each other?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @martincom
Thanks for posting in our business forum.
What kind of VLAN did you configure? Is it a VLAN interface? Or 802.1Q VLAN? What other devices do you have?
If you use 802.1Q VLAN, VLAN is isolated. While the VLAN interface is not unless you have set up ACL.
About 802.1Q VLAN and its effect: How to configure 802.1Q VLAN on Smart and Managed switches using the new GUI
BTW, if you are using VLAN interface but still cannot ping each other, consider your firewall. You should at least be able to ping the other VLAN gateway. If the gateway is pingable, then the router's fine.
- Copy Link
- Report Inappropriate Content
@Clive_A I have two, stacked, Dell 5548P switches between the ER7206 and the network clients. It is an 802.1Q configuration. I'm going to speculate that Cisco built the Dell units, as the CLI commands are near identical, if not identical.
The Dell 5548P is configured for DHCP relay and the ER7206 is confiured to have a DHCP server for each VLAN.
When I define the primary DNS server, for VLAN 300, VLAN members cannot ping each other or the router gateway. If I do not define the primary DNS server and leave it blank, then the router gateway can be pinged by members, but not, of course,between members.
VLAN 100, which is the factory, un-deletable, VLAN functions OK. VLAN 100 and 300 are configured exactly, short of IP addresses, the same, but yet the ping issues only impact VLAN 300.
- Copy Link
- Report Inappropriate Content
@martincom PVID is 1 so depending on the dell switches that are like cisco, to get switchport trunk allowed vlan to work without a native the PVID would have to match the tagged number as well, otherwise it won't match the other end.
pvid 100 & tag 100 =
switchport trunk allowed vlan 100
switchport mode trunk
Its possible that the ping is matching 1 and not 300
Thats my experience with it anyway.
- Copy Link
- Report Inappropriate Content
@soupastars If the connection to the switch (VLAN 300) was from an untagged interface that would be correct. However, that is not the case here. The interface is a trunk, which passes the tags from the switch to the router. A trunk will not pass any untagged traffic, except for VLAN 1, which is typically the native VLAN. For the router to respond to VLAN 1, the receiving port must have its PVID set as 1.
Regardless, this doesn't have anything to do with the issue at hand.
- Copy Link
- Report Inappropriate Content
Hi @martincom
Thanks for posting in our business forum.
I have no idea about the Cisco/Dell switch. But the config on the 7206 is fine. Trunk is good, too. In this kind of setup, the switch has to be set up with the 802.1Q VLAN alone as the interface is created on the router. So, I never tried to set up a DHCP relay on this as we always recommend you use 802.1Q VLAN on the switch and it should do it.
This is what I'd like to point out. So, if you are willing, you set it to 802.1Q VLAN on your switch and test it again.
Another possible cause on your network could be the routing tables. I think you can probably investigate in that way.
- Copy Link
- Report Inappropriate Content
@martincom SOLVED The issue was a conflict between hardware and software VLAN assignments.
This is a Server 2019 host with a Server 2019 VM. They both were served by a common, 10gb, NIC. The host vlan was set in the NIC hardware (Adapter properties\advanced drop down.) The VM vlan assignment was made within the hyper manager virtual switch tool, where the VM virtual interface is created. Apparently, it does not like to function properly on top of the hardware assigned vlan. It had me fooled, as the host operation was 100% and the VM could access the internet, and the LAN briefly, at times..
To resolve the issue, I configured a virtual NIC team on the host. See the link within this title: Configuring Multiple VLAN Interfaces on Windows (I would have included an embedded link, but the forum software stated it was "illegal".) I configured a virtual interface on the team, for the host, and assigned the vlan within. I utilized the virtual switch, within hyper manager, to create the VM virtual interface, as you would normally, and assiged the VM VLAN within.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 949
Replies: 6
Voters 0
No one has voted for it yet.