Vlan passing problem

Hello guys!

Just a small disclaimer: My problem is actually not related to the UTM at all (other than the fact that I am creating a vlan in the UTM). However, I am posting here in the hope someone can help, since this forum has a lot of knowledgeable and nice people.

First let me attach a basic network diagram of what I have:

So I have created a vlan (vlan10) on the utm. Added a new DHCP server for this vlan etc

The UTM is connected to a dumb unmanaged linksys switch. On the same switch I have a unifi Access Point. On the AP I created a secondary guest wifi network that uses vlan 10.

When I connect to that ssid all is good, I get an IP address from the DHCP server of Vlan10 and all. So the dumb switch actually passes through the vlan to the AP without any issues.

This unmanaged switch is connected to a TP-Link homeplug and this gives network to the other side of the house, in my bedroom, where I also have my tiny home office.

There is another homeplug in the bedroom that is connected to a managed switch (HP procurve) on port 2. On the HP switch, I have various systems connected, including a secondary Unifi AP

If I try to connect directly to the secondary AP, that is in my bedroom, but connect to the guest SSID (vlan10), I never get an IP address from the DHCP server of vlan10.

So the vlan does not seem to be passed to the bedroom side of the house.

On the managed HP switch I have created vlan10 and assigned port 23 to that vlan. Connecting my laptop to the port results in no IP address for the laptop. Assigning a static IP on the vlan10 subnet on the laptop results in nothing (I cannot ping the vlan10 gateway IP).

Additionally, tagging port 2 on the HP switch to carry both vlans (the default and vlan10) breaks all connectivity to the UTM side of the house.

My best guess is that I need to replace the linksys switch with a managed one and tag the port that goes to the living room homeplug with both vlans (??)

That was my intention from the start (ie to have managed switches on both sides in order to use vlans), but then I realized that the AP which is connected to the dumb switch gets the vlan information without issue, so the dumb switch seems to pass the vlan information just fine... In this regard, I thought that tagging the uplink port on the HP switch (creating a port trunk in Cisco language) would do the trick, but as I mentioned, this breaks all connectivity to the "left" side of the network.

Any insights welcome..

Thanks a lot!



  • OK guys an update..

    For starters, that dumb switch, for some reason, did pass the vlan information correctly to the UnifiAP, however it seems that it was not able to communicate the data correctly to the secondary managed switch. I will have to take some time to troubleshoot a bit more regarding this statement, though, because it may be possible I made a mistake the first time I tried doing the job without a second managed switch. Anyway..

    I do know that having identical switches gets rid of weird quirks, but since I already had the Netgear Prosafe switch, I really could not justify purchasing another procurve before even trying to make things work with what I already have in hand. (BTW the netgear sw is an 8port switch and it is better suited than the HP for my use case because it is on the TV stand in my living room and the 24 port one was a no go. So if needed I could buy the equivalent 8port HP - 1810-8g)

    Anyway, I ditched the dumb switch. Replaced it with the GS110TP that I already had. Fortunately setting things up on the Netgear was about the same as setting things up on the HP. Et voila... everything started working as it should...

    Both APs now can pass both VLANs, the VLAN only port I set on the HP is working just fine.. Created another port on the Netgear to use only with vlan10, this is working as it should also..

    So thank you guys for the assistance! As I mentioned, that was my initial intention (to use 2 managed switches), but the fact that the AP was getting the vlan information was what led me to try without a managed second switch first. There are also the Homeplugs in the equation, which may have been the problem (not being able to pass the traffic correctly due to the dumb switch)

    So the whole thing will need to be examined thoroughly another day (perhaps using a 20m cable to connect the dumb switch directly with the HP one)

    But for the time being, all is good and things are working as they should (and using the "proper" way)

    Thanks again!   

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
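
For checking a capture taken on the far side of a link like the one discussed in this thread, the following added example (not part of the original posts) parses raw Ethernet frames for an 802.1Q tag and counts how many carry the expected VLAN ID. The MAC addresses and sample frames are constructed for illustration; VLAN 10 is the ID used in the thread.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vlan_id=None, pcp=0):
    """Build an Ethernet II frame, optionally carrying one 802.1Q tag."""
    header = dst + src
    if vlan_id is not None:
        tci = (pcp << 13) | (vlan_id & 0x0FFF)  # priority bits + 12-bit VLAN ID
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload

def parse_vlan(frame):
    """Return (vlan_id or None, inner EtherType) for a raw Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None, ethertype  # untagged frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return tci & 0x0FFF, inner

def summarize(frames, expected_vlan):
    """Count frames by how they relate to the VLAN expected on the link."""
    counts = {"untagged": 0, "expected": 0, "other_vlan": 0}
    for frame in frames:
        vid, _ = parse_vlan(frame)
        if vid is None:
            counts["untagged"] += 1
        elif vid == expected_vlan:
            counts["expected"] += 1
        else:
            counts["other_vlan"] += 1
    return counts

# Constructed sample frames (not captured from any real network).
BCAST = b"\xff" * 6
SRC = bytes.fromhex("020000000001")  # locally administered, made-up MAC
SAMPLE_FRAMES = [
    build_frame(BCAST, SRC, 0x0800, bytes(46), vlan_id=10),
    build_frame(BCAST, SRC, 0x0800, bytes(46)),
    build_frame(BCAST, SRC, 0x0800, bytes(46), vlan_id=10, pcp=5),
    build_frame(BCAST, SRC, 0x0806, bytes(46), vlan_id=20),
]

if __name__ == "__main__":
    print(summarize(SAMPLE_FRAMES, expected_vlan=10))
```

A capture from the far side of the link that shows zero frames in the `expected` bucket means the tag is not arriving there, which narrows the fault to a device on the path rather than the endpoint configuration.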
