Configure routing and internet access between VLANs

Configure routing and internet access between VLANs

Configure routing and internet access between VLANs
Configure routing and internet access between VLANs
2024-06-06 07:57:17 - last edited 2024-06-16 05:13:08
Model: TL-SG3428X-M2  
Hardware Version:
Firmware Version: 1.20.1 Build 20240423 Rel.70639

Hi,

 

I was looking through multiple post but couldn't find the right answer for my issue.

This is my first router with VLAN and I have the following scenario:

 

I want to setup multiple VLANs for differnt purposes and some should have internet connection. In detail

 

System VLAN - 1 - internet access (Standard)

Maintenance VLAN - 99 - without internet access

Server VLAN - 20 - internet access

Router VLAN - 30 - Gateway (Fritzbox)

 

The harder part is now that I have an AD, DNS and DHCP server which should be the main point the server and system VLAN.

All servers have a static IP but everything inside system VLAN should be done via DHCP server.

 

The internet gateway will be the Fritzbox.

 

I sestup the VLANs in the L2 802.1Q VLAN section and added the untaggged ports to it.

Additionally I set the PVID for each porrt in the "Port Config" section.

 

If I read the manual correctly routing should be factory enabled but I cannot reach the internet.

Even setting a static route for 0.0.0.0/0 didn't help.

 

As I'm quite new to this help is appriciated.

 

Thank you.

/tiganita

  0      
  0      
#1
Options
1 Accepted Solution
Re:Configure routing and internet access between VLANs-Solution
2024-06-11 01:08:25 - last edited 2024-06-16 05:13:08

Hi @tiganita 

Thanks for posting in our business forum.

tiganita wrote

Hi  @Clive_A ,

 

if I understand you correctly and looking through the notes of the second link it means that the switch alone is not capable of inter/multi-VLAN NAT-ing.

In that case I would need to have a router with this capability.

 

Does TP-Link have one with a modem included?

 

Thanks for your help!

 

BR

/Bryan

 

Yes, correct. Now we are talking.

Modem, nope. Router, yep.

Our Omada solution can provide the VLAN interfaces and host the DHCP servers on itself. But you can still keep the DHCP servers on the switch. It's up to you.
Regardless of the control modes, you can always use the VLAN interfaces on the Omada routers.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#6
Options
6 Reply
Re:Configure routing and internet access between VLANs
2024-06-06 08:11:47 - last edited 2024-06-06 08:12:35

Hi @tiganita 

Thanks for posting in our business forum.

What kind of guides did you read? If you read what I post on the forum, the questions you have here should be resolved by reading it.

Give it a try?

How to Configure VLAN on TP-Link Switch

And this as well: How to Set Up VLAN Interface on the Omada Router

Your router might not be capable of the VLAN NAT. That's why you don't have the Internet. It does not have anything to do with the switch at all. It is not NAT-ing.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options
Re:Configure routing and internet access between VLANs
2024-06-06 16:17:47

Hi @Clive_A ,

 

thank you for the fast feedback.

I definitely read the first article you provided but it didn't help me. Maybe I didn't understand it all.

The second article I skipped because it uses a separate VLAN capable router.

 

I thought because of the L3 Features of my switch it would be posssible to route things only inside the switch and things going out into the internet would use the router/fritzbox.

But if I now understand it correctly it is crucial to have a VLAN capable router to set a tagged port up there and on the switch.

Am I right or is it somehow possible only with the switch?

 

Thanks in advance.

 

/tiganita

  0  
  0  
#3
Options
Re:Configure routing and internet access between VLANs
2024-06-07 01:19:53

Hi @tiganita 

Thanks for posting in our business forum.

tiganita wrote

Hi @Clive_A ,

 

thank you for the fast feedback.

I definitely read the first article you provided but it didn't help me. Maybe I didn't understand it all.

The second article I skipped because it uses a separate VLAN capable router.

 

I thought because of the L3 Features of my switch it would be posssible to route things only inside the switch and things going out into the internet would use the router/fritzbox.

But if I now understand it correctly it is crucial to have a VLAN capable router to set a tagged port up there and on the switch.

Am I right or is it somehow possible only with the switch?

 

Thanks in advance.

 

/tiganita

Read it again in the notes area which is super super important. VLAN (capable) vs VLAN interface, are completely different.

You might search for this online. I have explained this in the note area.

VLAN capable only means it supports 802.1Q VLAN. It is not the same concept as the VLAN interface. All the posts I have on the forum clearly distinguish them that VLAN and VLAN interface are different.

 

I recall that people on the forum reported the model you use does not support that.


Or let's say this, if you can get the DHCP IP correctly, from the switch when you connect to it, then you are setting up the VLAN correctly. Ping default gateway, no issue, then you are doing it correctly.

So, it concludes that there is no problem with the switch at all. A switch is not NAT-ing. So you should check what device in your network is doing the NAT.

I have clearly explained that you need several functions to work together to get a switch to work if you need the Internet.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#4
Options
Re:Configure routing and internet access between VLANs
2024-06-08 09:31:46

Hi  @Clive_A ,

 

if I understand you correctly and looking through the notes of the second link it means that the switch alone is not capable of inter/multi-VLAN NAT-ing.

In that case I would need to have a router with this capability.

 

Does TP-Link have one with a modem included?

 

Thanks for your help!

 

BR

/Bryan

 

  0  
  0  
#5
Options
Re:Configure routing and internet access between VLANs-Solution
2024-06-11 01:08:25 - last edited 2024-06-16 05:13:08

Hi @tiganita 

Thanks for posting in our business forum.

tiganita wrote

Hi  @Clive_A ,

 

if I understand you correctly and looking through the notes of the second link it means that the switch alone is not capable of inter/multi-VLAN NAT-ing.

In that case I would need to have a router with this capability.

 

Does TP-Link have one with a modem included?

 

Thanks for your help!

 

BR

/Bryan

 

Yes, correct. Now we are talking.

Modem, nope. Router, yep.

Our Omada solution can provide the VLAN interfaces and host the DHCP servers on itself. But you can still keep the DHCP servers on the switch. It's up to you.
Regardless of the control modes, you can always use the VLAN interfaces on the Omada routers.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#6
Options
Re:Configure routing and internet access between VLANs
2024-06-14 09:21:44

@Clive_A 

Thanks for your help and patience.

Then I'll have to get a working router....probably incl. a modem.

  1  
  1  
#7
Options