Hi all,
I have a huge problem with simple ping to NAS VLAN from any other VLAN. I tried almost everything and it just doesn't work.
My infrastructure:
Sophos firewall with NAS VLAN 2, no DHCP, Synology has fixed IP X.X.2.100 on port 2 with gateway and DNS set up to network address X.X.2.1. Next, USERS VLAN 3 with DHCP from X.X.3.100 and DNS and gateway set up to network address X.X.3.1. There is also management VLAN 10 with DHCP X.X.10.100 and DNS/gateway X.X.10.1. Synology is a member of this VLAN on port 1 with fixed IP X.X.10.103
I disabled firewall on Synology, didn't make any traffic control yet. On Sophos I created rule from zone USERS to NAS without restrictions.
I connected port 1 from Synology with fixed IP from VLAN 10 to untagged VLAN 10 port on Unifi switch. Next I connected port 2 from Synology with fixed IP from VLAN 2 to untagged VLAN 2 port on Unifi switch. At the end of the day, I would like to restrict port 1 to DSM only (for NAS management) and port 2 to file sharing only (SMB/FTP/AFP), but for now, all services are available on both ports.
Now, the problem is, when I'm pinging NAS on X.X.10.103 and my computer is in VLAN 10, NAS responds. When I try to ping NAS on X.X.2.100 from the same computer, it doesn't respond. When I switch port from my computer and connect it to VLAN 3, I can't ping any of the NAS addresses. Additionally, when I ping another device on VLAN 3 from computer in VLAN 10, it responds. What the hell is wrong with my setup?
This thread was automatically locked due to age.
