10-24-2012 03:24 AM
I am completely new to 5406 routing. So, please be patient to my questions.
I currently have a network 10.0.4.0/22; all connected to a 5406 switch in VLAN 1 (ip10.10.7.238 / 22).
Now, I need to separate into some VLANS.
I just added VLAN 203 (ip 10.10.0.1 / 24).
I managed to use ip helper-address so that under the new VLAN 203, I can get IP from DHCP server (ip 10.10.7.13) in VLAN 1
The problem is how can I allow my computers in VLAN 203 to be able to see servers and internet routers in VLAN 1?
I have added the following commands
ip default-gateway 10.10.7.253 (in VLAN 1)
ip route 0.0.0.0 0.0.0.0 10.10.7.253
Actually, I have tried some ACL settings but no luck.
I guess inter VLAN routing should be enough for my purpose. What are the steps and commands that I should do?
10-24-2012 04:25 PM
Yes, on VLAN 203, the default gateway is set to 10.10.0.1
On VLAN 1, the default gateway is set to 10.10.7.253.
I think this is all I need to do, but the fact is on VLAN 203, I can get IP from DHCP, I can ping to the DHCP server but not others. I suppose that 5406 will help me do the routing. Any idea? Am I missing anything?
10-24-2012 11:46 PM
You should change gateway on VLAN 1 to ip10.10.7.238. This is ip configured on switch for VLAN1. True?
Computers on vlan1 that has ip 10.10.7.253 configured just send all comunication to default gw.(no intervlan routing)
10-29-2012 08:47 PM
I have set the computer in VLAN 203 to have default gw=10.10.0.1, and tried some computers in VLAN 1 to have default gw=10.10.7.238 . But seems not working.
Then I add another VLAN 202, the default gateway is set to 10.10.2.1 (also this is the IP of VLAN 202). I find that the routing is successful.
Is it a problem of my setting or should I just need to wait for a while to be effective?
And I want to know if I would allow computers in VLAN 203/202/ .... to be able to access to the Internet. What should I do?
I think I am done but not. From VLAN 203, default routes to 10.10.2.1 (5406 switch) then the switch routes to default gw 10.10.7.253 which is in VLAN 1. That's it.... But not working. I am using pfSense to act as the router.