Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 5 subscribers
  • Views 20514 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configuring Vlan beetween Tplink TL-SG108E and Sophos UTM home V9

emanueleanni

hi all,

i have a few problems with the configuration of a vlan beetween sophos utm home and the tplink switch.

my sophos has two ethernet interface, one is for ppoe and the other for the local network and the vlan, i set the vlan id at 100 and do the same in the switch tplink, putting the port connected to sophos eth 2 in tagged and the others untagged.

I connect my laptop set the ip to the class of the vlan and when i try to ping my utm it doesn't respond and i can't even ping my modem and surfing internet.

what i'm doing wrong? is the switch not compatible with the vlan methods of sophos or i miss something?

The vlan i created is 101 and it's ip address is 192.168.10.254/24.

Thanks in advice



This thread was automatically locked due to age.
  • 0
    Do you have an Ethernet-Interface tagged with VLAN 101? You should configured an additional interfac with hardware of the local network interface.
  • 0
    Emanuel,
    i suspect you have set the switch wrongly or have a misconception about vlans, let's recap:

    on UTM side:
    1) You have a LAN interface untagged, let's say eth2 i think with a certain IP address(different from the vlan)
    2) you have a ethernet VLAN on the same eth2 with tag 100 and 192.168.10.254/24 (why do you say you've created 101 if before that you say you have 100)

    on the switch:
    1) the port connected to the sophos eth2 needs to be set for tagged VLAN 100 and also untagged as well(for regular lan, usually vlan id 0).
    2) simply putting whatever IP belongs to the VLAN won't work, vlans dont work like that. For the ports that connect to computers, you have to decide wheter they belong to a specific vlan or are tagged as well, for example:
    you want port 8 to be vlan 100, then you have to set that port as untagged member of vlan 100 (it was 0 before), that port WONT be able to access the other VLAN.
    OR you want to chose which vlan to access because your NIC in the PC/notebook has VLAN tagging capability, then you set that port exactly as the one for the UTM (untagged0, tagged 100), then changing the properties of your NIC in windows you chose which VLAN to access, if you set 100 it will access 100, if you don't put anything it will go to 0)
  • 0
    Thanks for all the answers, now I try to explain my entire home network situation:

    1) A RJ11 cable arrives to my modem tplink td-w8970 (192.168.1.1) which is configured in bridge mode and is also used as access point for my wireless devices
    2) A RJ45 starts from the modem and goes to the tplink switch and from that switch another RJ45 cable goes to the eth0 of my utm which is configured as pppoe port
    3) The eth1 of the utm is configured with the ip address (192.168.1.254), the dhcp server is active for the lan 192.168.1.x, and in that port I would like to set the vlan tag 101 with ip address 192.168.10.254/24
    4) The RJ45 cable from the eth1 of the utm returns to the tplink switch and the other ports of that switch are used by my tv, pc and printer

    Now If I correctly understand I need to configure the tplink switch as followed:
    1) the port of the switch connected to the utm in port eth1 need to be configured with the default vlan and the tagged vlan 101 in the same port that will be used for my virtual lab
    2) the first port that will be used exclusively for that vlan will be configured non tagged as the other ports

    Now I explain why I choose this schema, first, due to the lack of wifi antennas in the utm I used my tplink modem mentioned above as access point so the only way to get the work done is to attach all the utm interfaces in the same switch so that one carries the pppoe data and the other the lan 192.168.1.x.
    I hope that this explanation clears all the doubt of my first question. Now I apologies for my noob question.
    Thanks everybody!
  • 0

    This is my switch, in port 4 arrives the cable that carries the lan 192.168.1.x along side with the vlan 192.168.10.x tag 101 and in port 8 i attach a notebook with ip address 192.168.10.1 for testing the vlan:

    and this is how i configured the vlan on the utm:

    maybe in my latest comment i change the interfaces name in fact the ETH0 is the lan 192.168.1.x and the ETH1 is the pppoe port.

    oviusly the result is always the same i can't ping even the vlan interface on the utm from my notebook (192.168.10.1)

  • 0 in reply to emanueleanni
    i made some tests and in the end was the missing configuration on the nic of my notebook the other configurations were correct. thanks again to all!
Unfiltered HTML