I currently have 3 VLANs. VLAN 1 is my default VLAN, and has on it a DHCP server, and my internet router.

I have set up VLAN 2 and VLAN 3, and my layer 3 switch has routing enabled and an IP for each VLAN.

The layer 3 switch is also set up with DHCP helper addresses, so that devices on VLAN 2 and 3 can both get IP addresses in the correct range from the DHCP server on VLAN 1.

All devices on all VLANs can ping each other, except that devices on VLANs 2 and 3 are unable to ping the router on VLAN 1, or get any internet connection.

The Layer 3 switch has its default gateway at the router, and I hoped that this would be used as the next hop for accessing sites outside my LAN.

All of the devices on my network have the layer 3 switch as their default gateway, using the correct IP address for their specific VLAN.

So far, I have not done anything on the routing table of the layer 3 switch at all. It’s all on its default settings. I think I need a default route of some sort setting up, so that when people try to access the router, the Layer 3 can point them in the right direction.

However I’m not sure of the best way to do this. Can I set some sort of default rule that says that all internet traffic from all VLANs should look beyond the layer 3 switch, or do I need a specific rule for each VLAN to say where the internet traffic needs to go?

Any help would be greatly appreciated!

EDIT:

Here is my (sanitised) routing table.

IP Route Entries

Destination | Gateway | VLAN | Type | Sub-Type | Metric | Dist.
0.0.0.0/0 | 1.2.3.4 | 1 | static | | 10 | 1
10.0.8.0/24 | Zone-8 | 108 | connected | | 1 | 0
10.0.1.0/24 | DEFAULT_VLAN | 1 | connected | | 1 | 0
127.0.0.0/8 | reject | | static | | 0 | 0
127.0.0.1/32 | lo0 | | connected | | 1 | 0


I will double check my core switch as well when I get in the office, but I have a similar setup and I have

ip route 0.0.0.0 0.0.0.0 default gateway subnet

So assuming my default gateway is 1.2.3.4 with the subnet mask of 255.255.255.0 I would need:

ip route 0.0.0.0 0.0.0.0 1.2.3.4/24

My routes table has the following headings on each of the default rows:

Destination | Gateway | VLAN | Type | Sub-type | Metric | Dist

The top row is currently:

0.0.0.0/0 | 1.2.3.4 | 1 | static | n/a | 10 | 1

Does that mean that I have the default route, but that it is currently only applying to VLAN 1, and not 2 and 3?

Thanks for your help!

@cweb

So I tried running the command:

ip route 0.0.0.0/0 1.2.3.4

However because there is already a line in the routing table with these addresses, it didn’t seem to do anything. The one that is there only seems to apply to vlan 1:

Destination | Gateway | VLAN | Type | Sub-type | Metric | Dist

0.0.0.0/0 | 1.2.3.4 | 1 | static | n/a | 10 | 1

I could try removing the line and then re-adding it, but I can’t do that right now as that route is being used.

I can’t seem to find the correct syntax for applying a route to specific VLANs, or a command to create a route for all VLANs…

Have you set up inter-VLAN routing? 802.1Q encapsulation with subinterfaces set for each VLAN on the connection from your layer 3 switch to the default gateway I think will solve your problem.

Yes, inter VLAN working was fine for everything apart from the internet connection.

I’ve just solved this - my setup was fine, but the internet router (which I am unable to configure) was only aware of my original VLAN so was unable to send the traffic back. It’s been resolved by my ISP modifying this rule.
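Added example, not part of the original thread: a small longest-prefix-match model of the outcome described above, showing that the switch's forward path works for every VLAN while the router's replies to the new subnet leave via the WAN until it has a route back. It assumes the ISP's change amounted to a return route; the router and switch VLAN 1 addresses (10.0.1.1, 10.0.1.2) and the router's tables are constructed, and only the two subnets come from the posted routing table.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match: return (network, next_hop), or None if no route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen) if matches else None

# Constructed addresses (assumptions, not from the thread).
ROUTER_LAN_IP = "10.0.1.1"     # internet router on VLAN 1
SWITCH_VLAN1_IP = "10.0.1.2"   # layer 3 switch interface on VLAN 1

# Layer 3 switch: default route plus its connected VLAN subnets.
SWITCH = [("0.0.0.0/0", ROUTER_LAN_IP),
          ("10.0.1.0/24", "connected"),
          ("10.0.8.0/24", "connected")]

# Router before the change: it only knows the original VLAN.
ROUTER_BEFORE = [("0.0.0.0/0", "wan"),
                 ("10.0.1.0/24", "connected")]

# Router after the change: return route to the new subnet via the switch.
ROUTER_AFTER = ROUTER_BEFORE + [("10.0.8.0/24", SWITCH_VLAN1_IP)]

def return_path(router_table, client_ip):
    """Describe where the router sends a reply addressed to client_ip."""
    hit = lookup(router_table, client_ip)
    if hit is None:
        return "dropped (no route)"
    hop = hit[1]
    if hop == "connected":
        return "delivered on LAN"
    if hop == "wan":
        return "sent out WAN (never returns)"
    return f"forwarded to {hop}"

def audit(switch_table, router_table):
    """Map each subnet connected to the switch to True if the router can reply."""
    result = {}
    for prefix, hop in switch_table:
        if hop != "connected":
            continue
        sample_host = str(ipaddress.ip_network(prefix)[10])  # e.g. 10.0.8.10
        path = return_path(router_table, sample_host)
        result[prefix] = path.startswith(("delivered", "forwarded"))
    return result

if __name__ == "__main__":
    for name, table in (("before", ROUTER_BEFORE), ("after", ROUTER_AFTER)):
        print(name, audit(SWITCH, table))
```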