Troubleshooting Inter-VLAN Routing on Stratix 5700 Switch

Question:

Hello everyone, I need help with configuring inter-VLAN routing on my network. I have provided a visual layout for reference, which you can view here: [link]. I want VLAN30 to have access to VLAN10 and VLAN20, but I do not want VLAN10 and VLAN20 to communicate with each other. I have been following a guide for setting this up, but I am encountering an error when trying to enable routing. I also have a connection to another switch via a Trunk line, which may be causing complications. Below is the error message I am receiving: [link]. Here are the VLAN settings on JM MS 02: [link]. I have selected "Lanbase routing" in the SDM-Template and ensured that both switches have the same VLAN configurations. Can anyone spot what I might be missing in my setup? Thank you for any guidance you can provide.

Top Replies

I'm sorry, but I don't have experience with Stratix switches. However, I have successfully achieved the desired outcome using a Cisco firewall and trust settings.

I have primarily utilized the command line for setting up inter-VLAN routing, so I may not be as familiar with configuring it through the web interface. However, I can offer some potentially useful insights. If both of your switches are configured identically to the VLAN screenshot you provided, and you only want one switch to act as the router, there may be an IP address conflict if both switches have the same IP addresses for each VLAN. It's important to note that just because a VLAN is configured on a switch, it doesn't necessarily mean that switch needs to have an IP address assigned for that VLAN. Typically, IP addresses are only assigned to VLANs if the switch management interface needs to be accessible from that VLAN, or if the switch is functioning as a router for that VLAN. The IP addresses of the switch acting as your router should serve as the gateway addresses for devices on each VLAN. For instance, referring to your screenshots, PLC-1 on VLAN 20 should have 172.029.118.65 as its gateway address (assuming this has not been set up yet). As for blocking communications between VLANs 10 and 20 through the web interface, this may require the use of Access Control Lists, which cannot be configured through the web interface.

Insufficient information provided. In addition to routing, it is essential to also utilize Network Address Translation (NAT).

Displaying screenshots of the dashboard and settings can provide a visual overview of the platform's interface and customization options.

I encountered the same issue when I conducted a trial. To make this process successful (or visible), you need to deactivate your internet-connected Ethernet port. Windows automatically attempts to direct traffic through this port. By disabling the port and configuring your switch, you can establish your VLANs and direct traffic as desired. If you are utilizing FactoryTalk Linx as your communication software, avoid using a Broadcast driver and opt for range mode instead. Then, include the desired IPs for monitoring. I struggled with this tutorial in the past but resolved it by implementing these steps, which eliminated VLAN cross-talk. Feel free to reach out for further assistance if needed.

Based on your description and the error message you provided, it seems like the issue lies within the access control list (ACL) set up on your switch. While enabling LAN based routing, you might have overlooked setting up the proper 'permit' and 'deny' rules in your ACLs for the VLANs. For allowing VLAN30 to access both VLAN10 and VLAN20, but restricting VLAN10 and VLAN20 from communicating with each other, you need to set up ACL rules accordingly. Also, the Trunk line should not cause complications unless your trunk allowed VLAN list is incorrectly configured. I'd recommend checking these points and hopefully, it will resolve your issue.

Sounds like you've got most of it set up correctly. However, one thing to keep in mind when dealing with inter-VLAN routing is the importance of Access Control Lists (ACLs). By implementing proper ACLs, you can effectively control traffic flow between your VLANs. In your specific scenario, you can use ACLs to allow VLAN30 to access VLAN10 and VLAN 20, but deny communication between VLAN10 and VLAN20. Furthermore, double-check your trunking configuration on both switches and ensure there's agreement on the encapsulation method. As for the error, without knowing what error you are encountering, I'd typically suggest checking if there is a duplex mismatch or if there's a misconfigured IP Helper address. Hope this helps!

Based on your description and the visuals provided, it seems like you've covered most of the necessary steps. Here's one potential area to investigate: check the settings for your inter-switch trunk link. It's crucial to ensure that it's allowing the necessary VLANs across. I'd suggest you take a look at the configuration of your trunk port, making sure it's properly set to allow VLAN30, VLAN10, and VLAN20. Sometimes, issues like these can arise if there are inconsistencies in your trunk configuration. This won't necessarily solve your issue, but it's a good place to check. Keep us updated!

It sounds like you're on the right track with VLAN configurations, but your issue might stem from the routing settings or ACLs. Make sure that your router or Layer 3 switch has the routing enabled correctly for the relevant VLANs to communicate. Since you want VLAN30 to access both VLAN10 and VLAN20 without them communicating with each other, you'll need to configure access control lists (ACLs) to enforce this separation. Also, double-check your trunk configuration; if it's not set up correctly, it might prevent the VLANs from routing properly. If you still have trouble, reviewing the error message in more detail could shed light on any specific misconfigurations. Good luck!
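The ACL approach several replies describe, written out as an added example (not posted by anyone in the thread and not taken from vendor documentation). The subnets are placeholder documentation ranges, the ACL names are hypothetical, and it assumes the routing switch's IOS image accepts inbound router ACLs on VLAN interfaces, entered from the CLI.

```cisco
! Placeholder subnets (constructed, not from the thread):
!   VLAN10 = 192.0.2.0/24, VLAN20 = 198.51.100.0/24, VLAN30 = 203.0.113.0/24
! Apply on the one switch that routes. The other switch stays Layer 2,
! has no gateway addresses, and carries VLANs 10, 20 and 30 over the trunk.

! Routing template named in the question; a template change needs a reload.
sdm prefer lanbase-routing
ip routing

! Traffic entering the router from VLAN10: drop anything bound for VLAN20,
! pass everything else (VLAN30 and the gateway address itself).
ip access-list extended VLAN10-IN
 deny   ip 192.0.2.0 0.0.0.255 198.51.100.0 0.0.0.255
 permit ip any any

! Mirror rule for traffic entering from VLAN20. Both directions are needed:
! with only one ACL, packets would still be delivered one way.
ip access-list extended VLAN20-IN
 deny   ip 198.51.100.0 0.0.0.255 192.0.2.0 0.0.0.255
 permit ip any any

! The SVI address is the default gateway for hosts in that VLAN.
interface Vlan10
 ip address 192.0.2.1 255.255.255.0
 ip access-group VLAN10-IN in

interface Vlan20
 ip address 198.51.100.1 255.255.255.0
 ip access-group VLAN20-IN in

! VLAN30 carries no ACL, so it can reach both VLAN10 and VLAN20.
interface Vlan30
 ip address 203.0.113.1 255.255.255.0

! Verify from exec mode:
!   show sdm prefer          (active template)
!   show ip access-lists     (per-entry match counters)
```

These ACLs are stateless, so `permit ip any any` also lets hosts in VLAN10 and VLAN20 open connections toward VLAN30. A rising match counter on each `deny` entry while pinging between VLAN10 and VLAN20 confirms the block is in effect.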


Frequently Asked Questions (FAQ)

1. What is the issue with enabling inter-VLAN routing on the Stratix 5700 switch?

Answer: The user is facing an error when trying to enable routing, possibly due to a configuration issue or a complication with the Trunk line connection to another switch.

2. How can I configure VLAN30 to have access to VLAN10 and VLAN20, while preventing communication between VLAN10 and VLAN20?

Answer: You can achieve this by setting up proper inter-VLAN routing rules and access control lists (ACLs) on the switch.

3. What is the significance of selecting "Lanbase routing" in the SDM-Template for inter-VLAN routing?

Answer: Selecting "Lanbase routing" in the SDM-Template is important for enabling the switch to perform Layer 3 routing functions between different VLANs.

4. How can I ensure that both switches have the same VLAN configurations for successful inter-VLAN routing?

Answer: You need to verify and synchronize the VLAN configurations on both switches to ensure consistency and proper communication between VLANs.
