This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IP Forwarding trouble - hosts can't talk to hosts on a different vlan

IP Forwarding trouble - hosts can't talk to hosts on a different vlan

Brian_Butts
New Contributor II

‎09-16-2015 03:14 AM

I have a x450e-24p I picked up recently and am trying to configure it as my core switch. I have two Vlans, BNS-MGMT and BNS-Net, that need to communicate. I have tagged both vlan's but all ports are left untaghed. BNS-MGMT 10.1.20.1 tag 20 Ports 17 & 18 untagged BNS-Net 10.1.30.1 tag 30 Ports 9-16 untagged BNS_Net has DHCP enabled with a range of 10.1.30.100 - 10.1.30.199/24. Default gateway is assigned vlan switch IP (10.1.30.1) BNS_MGMT does have the default gateway assigned at 10.1.20.1. DHCP is not enabled. There is only a sonic wall with a static IP 10.1.20.5/24. IP Forwarding is enabled on each vlan. The sonic wall can ping the switch address on its own network (10.1.20.1). The switch can ping it. The switch can ping all nodes on all vlan's. I have a host on BNS-Net (10.1.30.100/24) that can ping the switch's IP on the BNS-MGMT network and the BNS-NET network. However, it cannot ping the firewall (10.1.20.5). The firewall cannot ping it either. What am I missing here? I don't think RIP is necessary here when I'm on a single switch. I'm using the "VR-Default" router.
0 Kudos
8 REPLIES 8

Prashanth_KG
Extreme Employee
In response to Brian_Butts

‎09-16-2015 04:01 AM

Hi Brian,

If 10.1.20.10 can reach 10.1.30.1, then the AP has a gateway to reach any other network and that is 10.1.20.1. Similarly, are you able to reach 10.1.20.1 from 10.1.30.100? If not, please check if the default gateway is configured. Trunking is not necessary to the link connecting to the firewall as switch is acting as Layer 3. However, each host in the network should know how to reach other subnets with default gateway pointing to the switch VLAN IP address.

Hope this helps!
P.S. If these hosts are windows PCs, just check if the ping is allowed by the firewall..
0 Kudos

Mike_Lane
Extreme Employee

‎09-16-2015 03:42 AM

As Zdenek wrote, the hosts routing tables are the likely issue here. The forwarding of packets on the switch can be verified with the "show ipstats" command, but I am willing to bet that the switch is forwarding OK.
0 Kudos

Thomas__Ajo
Extreme Employee

‎09-16-2015 03:31 AM

Have you configured the default route in firewall?
Check the appropriate routes are configured on firewall for this subnet.
0 Kudos

Zdeněk_Pala
Extreme Employee

‎09-16-2015 03:20 AM

Check routing table on your firewall. Seems as those user subnets are not known to your firewall.
Regards Zdeněk Pala
0 Kudos
GTM-P2G8KFN