Initial VLAN Configuration with TP-Link SG2428P
I'm configuring a VLAN for the first time on a TP-Link SG2428P managed switch with Firewalla Gold.
I have configured my VLAN on the Firewalla as follows:
- VLAN202
- Ports 1-3 are all part of both the LAN group and the VLAN202 group.
- VLAN202 subnet is 10.0.202.0/24
On my managed switch, I have the following:
- VLAN202
- Ports 1-8 and 24 are all part of the VLAN; 24 is the trunk port.
- Ports 1-8 all have PVID 202 set (port 24 does NOT have a PVID set, because I'm not able to set more than one PVID on the port, and it also needs to be part of the default VLAN).
I think I have the switch configured correctly. When I plug a machine into one of the ports in the 10.0.202.0/24 subnet (my LAN subnet is 10.0.201.0/24).
I know that I'm connecting to the Firewalla, because I'm getting an IP address and my DNS/Default Route match what I have set in the VLAN202 settings in Firewalla. However, I am not able to ping other devices in the same VLAN that I'm in (ping gives me "Destination Host Unreachable," SSH gives me "no route to host"). I'm also unable to get out to the Internet (e.g., nslookup, web browser, etc.).
I tried to turn off all rules for my test machine, but even that doesn't work.
What am I doing wrong?
-
I did more research last night. There were no actual instructions for configuring a VLAN that I was able to find, just some examples, which weren't very clear. I had tagged ALL ports in the VLAN, rather than tagging the trunk and adding the others as untagged, then setting the PVID on them (although I did set the PVID on them). Once I did this, everything worked as expected.
I'm on that VLAN right now, successfully browsing the Internet and am able to ping other hosts on the network.
Oddly, it was Cisco documentation that best helped me configure my TP-Link switch. :D
Please sign in to leave a comment.
Comments
2 comments