Community discussions

 
mikeghosty
just joined
Topic Author
Posts: 4
Joined: Sun Jul 21, 2019 8:40 pm

Vlan config and bridging

Sun Jul 28, 2019 2:02 pm

Hi there so I'm a little confused. I've read all the guides and forum. Posts so I may have gone wrong but this is what I need.

20 VLans trunked down port 1 hexs routerboard
Routing between trusted VLans only.
DHCP +gateway with dhcp pool on each VLan
Port 2+3 Managment untagged ports on Vlan 1
Ports 4+5 Wan ports.

So it seems I've correctly setup the wans and NATS as they seem to be behaving. My issue is vlan and bridge

My config
Bridge with vlan filtering. PVID 1
Bridge ports 1/2/3
Bridge vlan trunked 1-20 on ports 1
Bridge vlan untagged 1 on ports 2/3 & bridge
Trusted and un-trusted vlan interface lists
Vlan interfaces created on ethernet 1
Dhcp servers on each vlan interface with pool.
Ip address on each vlan interface
I have a firewall rule blocking vlan routing using interface lists. Untrusted-vlan and trusted-vlan.

So all good in the main network however. Webfig is not accesable on the Managment vlan PVID 1. Also ports 2 and 3 can't talk to devices on Managment vlan except the router. But you can talk to devices on other VLans.........

Where have I gone wrong.

M
 
mkx
Forum Guru
Forum Guru
Posts: 2583
Joined: Thu Mar 03, 2016 10:23 pm

Re: Vlan config and bridging

Sun Jul 28, 2019 2:33 pm

There are many points where things might have turned wrong way. Post output of /export hide-sensitive after you've mangled any remaining sensitive data such as public IP addresses ...
BR,
Metod
 
sid5632
Member
Member
Posts: 348
Joined: Fri Feb 17, 2017 6:05 pm

Re: Vlan config and bridging

Sun Jul 28, 2019 2:37 pm

Where have I gone wrong.
In not providing a configuration export.
 
anav
Forum Guru
Forum Guru
Posts: 2894
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Vlan config and bridging

Mon Jul 29, 2019 4:23 pm

Step one: Read this informative and excellent post on the topic of Vlans
viewtopic.php?f=13&t=143620

Step two: Draw a diagram of your network

Step three: Post your config:
/export hide-sensitive file=yourconfig29Jul

If you don't want to post a config then your simply wasting our time.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)

Who is online

Users browsing this forum: No registered users and 33 guests