SG3428X vlan question

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

SG3428X vlan question

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
SG3428X vlan question
SG3428X vlan question
2022-11-21 00:14:34
Model: TL-SG3428X  
Hardware Version: V1
Firmware Version: 1.0.7 Build 20220606 Rel.58990

My question:  Can one device contact another device in a different Vlan?

 

My understanding: If Vlans are created on this switch, they can contact each other (ping) unless ACLs are created to block it.

 

Test setup:  SG3428X switch.  Vlan1 is set to 10.10.1.1/24. I create Vlan10 at 10.10.10.1/24, I create Vlan20 at 10.10.20.1/24 and Vlan30 at 10.10.30.1/24.

There is NO router connected to this switch.  I have ports 1,2,3,4 as access ports for Vlan1   I have ports 5,6,7,8 on Vlan10, ports 9,10,11,12 on Vlan20 and ports 13,14,15,16 on Vlan30.

 

I connect laptop 1 with a static ip address of 10.10.1.16/24 to port 1.

I connect laptop 2 with a static ip address of 10.10.10.10/24 to port 5.

I connect computer 1 with a static ip address of 10.10.20.5/24 to port 11. (ran out of laptops)

I connect computer 2 with a static ip address of 10.10.30.8/24 to port 15.

 

I cannot ping from any device to any other device.

 

If I reset the static address of laptop 2 to 10.10.1.10, still connected to port 5, I cannot ping any other device.

If I change the connected port of laptop 2 to port 2, I can ping laptop 1 and laptop 1 can ping laptop 2.

 

My conclusion is that one Vlan cannot contact another Although this goes against what I was told and saw on TP-Link's website.

 

Am I missing something?

  0      
  0      
#1
Options
3 Reply
Re:SG3428X vlan question
2022-11-22 09:11:33

  @Bart.H 

 

By default, without ACL settings, different VLAN Interfaces can access each other.

Suggest that you try to turn on DHCP for each VLAN Interface, and then do not set static IPs for the PCs connected behind switch, but dynamically obtain the IPs of the front-end, and then test it.

 

Best turn off the firewall and test again.

Just striving to develop myself while helping others.
  0  
  0  
#2
Options
Re:SG3428X vlan question
2022-11-22 23:08:57

  @Virgo 

That was pretty much what I was trying to do.

I disconnected the router to eliminate it from the system so it would not be the cause of anything.  The DHCP server is on the router, that's why I had to static address each laptop.

 

I did a factory reset on the switch and then configured only the vlans and the switch ports for each vlan.  There was no static route configured so I knew I would not be able to see the internet and of course, with no router I would not be able to see it anyway..  I wanted to have only vlans available.  This meant I would have to give a static address to each computer on the switch.  Of course, if I configured two computers to the same subnet, I could ping from one to the other.  That's as it should be.  But, with this setup, I could not ping from one vlan to another.  That's what confuses me.

 

Bart

 

I

  0  
  0  
#3
Options
Re:SG3428X vlan question
2022-11-23 01:55:56

  @Bart.H 

 

Have you set up the PVIDs? Have you enabled the IPv4 routing? Have you set the gateways on laptops/computers to the IP addresses of the VLAN interfaces?

Kris K
  0  
  0  
#4
Options