One VLAN not working

Started by GregTheHun, September 27, 2022, 09:21:05 PM

September 27, 2022, 09:21:05 PM Last Edit: September 27, 2022, 10:29:02 PM by GregTheHun
So, I've got some VLANs on my router

11 = IoT
12 = Kids network
13 = Servers

They are all set up in the same way (in the VLANs section of Interfaces), and all of them have the LAN as a parent. Outside of firewall rules, they all work except for the server one. They all have a default allow out rule at the end. The layout is the picture below.



However, anything connecting to the Servers VLAN refuses to connect, what could be wrong?

September 28, 2022, 02:05:06 PM #1 Last Edit: September 28, 2022, 02:08:30 PM by Demusman
What switchport goes to the router?
You have ports 1-3 for vlan 13, is that 1 through 3 or 1 and 3??
Is vlan 13 on a separate router interface?
Same with the others, 7-8 are vlan 11 and 12??
You're using public IPs??
You made a mess there.

You say the LAN is the parent for all.
So you need a trunk port carrying all vlans to the switch.

You need to use one interface going to the router with all vlans on it. LAN can be untagged, all others tagged. Then you need to untag switchports with the vlan needed for the equipment plugged into it.
You can't use two untagged vlans on a single interface.

Actually, I figured it out, VLAN 13 wasn't connected to Port 8 (the port connected to the router).

Once I did that, then addresses could be pulled.

The image below shows the VLAN not added to my port 8, which is causing the problems.


Yeah, that was my point with the trunk port.
Did you change to private IPs??

So, I thought the error might've been fixed, but apparently, even though I'm able to ping my Proxmox server's IP, it's still not grabbing from the IP range in 13.0.0.0/16.

Are there any other things I could be missing, and what can I present to help you see what's up?

First, stop using public IPs.
What's so difficult about that??

Let's say Google's address is 13.0.0.2 and you are using that subnet as a local network.
Do you think you'll ever be able to reach Google?? No way, why would a local address ever try to leave your network?
Second, those addresses belong to someone who is paying for them. They don't want you using them.

It's not hard to change them to 10.10.x.x, 10.11.x.x and 10.13.x.x
And why are you using /16's on a local network? Do you have any idea how much extra traffic that creates?

Show an image of how it's configured now.
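
Added example, not part of any post in this thread: a small Python audit of a VLAN plan for the three problems raised above (a subnet outside RFC 1918 private space, more than one untagged VLAN on a port, and a VLAN missing from the port that goes to the router). The function name `audit`, the data layout, the /24 subnets, and untagged VLAN 1 for the LAN are assumptions; only VLAN IDs 11-13, port 8 as the router port, and 13.0.0.0/16 come from the thread.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def audit(vlans, ports, uplink):
    """vlans: {id: cidr}; ports: {port: {"untagged": [...], "tagged": [...]}};
    uplink: switch port cabled to the router. Returns a list of findings."""
    findings = []
    nets = {vid: ipaddress.ip_network(cidr) for vid, cidr in vlans.items()}
    # Local subnets must sit inside private space, or the real owners
    # of those addresses become unreachable from the LAN.
    for vid, net in sorted(nets.items()):
        if not any(net.subnet_of(p) for p in RFC1918):
            findings.append(f"VLAN {vid}: {net} is not RFC 1918 private space")
    # Overlapping subnets break routing between the VLANs.
    ids = sorted(nets)
    for i, a in enumerate(ids):
        for b in ids[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"VLAN {a} and VLAN {b}: subnets overlap")
    # A port can carry only one untagged VLAN.
    for port, member in sorted(ports.items()):
        if len(member["untagged"]) > 1:
            findings.append(f"port {port}: more than one untagged VLAN")
    # Every VLAN defined on the router must reach it over the trunk port.
    carried = set(ports[uplink]["tagged"]) | set(ports[uplink]["untagged"])
    for vid in sorted(set(vlans) - carried):
        findings.append(f"VLAN {vid}: not carried on uplink port {uplink}")
    return findings

# Constructed sample modelled on the thread: VLAN 13 on a public range
# and absent from port 8 (the router port).
VLANS_BEFORE = {11: "10.11.0.0/24", 12: "10.12.0.0/24", 13: "13.0.0.0/16"}
PORTS_BEFORE = {
    1: {"untagged": [13], "tagged": []},
    8: {"untagged": [1], "tagged": [11, 12]},
}
# Constructed corrected plan: private range, VLAN 13 tagged on port 8.
VLANS_AFTER = {11: "10.11.0.0/24", 12: "10.12.0.0/24", 13: "10.13.0.0/24"}
PORTS_AFTER = {
    1: {"untagged": [13], "tagged": []},
    8: {"untagged": [1], "tagged": [11, 12, 13]},
}

if __name__ == "__main__":
    for line in audit(VLANS_BEFORE, PORTS_BEFORE, uplink=8):
        print(line)
```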