I can't connect different VLANS to my DNS server

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2022-03-02 01:03:24
Model: OC200  
Hardware Version: V1
Firmware Version: 1.8.0 Build 20210406 Rel.58757

Hi to everyone

I'm trying to configure different VLANs to segment my network and it works! The problem is that in my network I use my own DNS server.

My main network is 192.168.0.x/24 and my DNS server has the IP address 192.168.0.140.

I have created a new LAN with the IP range 192.168.10.x/24 for my IoT stuff, and again, it works.

The problem is that when I assign my DNS server 192.168.0.140 to the 192.168.10.x/24 network, I no longer have internet on it.

Can anyone tell me what I'm doing wrong and how to fix it?

Thank you very much and have a nice day

Re:I can't connect different VLANS to my DNS server
2022-06-05 11:25:06 - last edited 2022-06-05 14:40:16

@LarryMerino your HomeStuff network is on VLAN 10 and your main network is VLAN 1. Communication between the two will not take place until you add a rule for traffic to traverse the VLANs. Another thing you can do is allow only that IP to be exposed via a firewall rule. All of this will take place on the router since it is happening at layer 3. Hope this helps.
 

Re:I can't connect different VLANS to my DNS server
2022-06-05 14:15:31 - last edited 2022-06-05 14:25:13

  @G.V.S 

I'm just about to get an ER605, and reading up on this I thought the exact opposite was true, i.e. traffic is routed between VLANs by default, and you have to set up ACLs to stop it doing this...?

OK, wait..., just found a section in the manual that says:

"Hosts in the same VLAN can communicate with each other. However, hosts in different VLANs cannot communicate directly."

So, what you said..., but this does contradict a lot of other posts on this forum which say the opposite..., very confusing....

 

Re:I can't connect different VLANS to my DNS server
2022-06-05 14:42:20

  @Tescophil unless there is something unique to how the routing is done on TP-Link routers for those other users, cross VLAN communication is blocked/prevented by default.   

Re:I can't connect different VLANS to my DNS server
2022-06-05 14:58:05

  @G.V.S 

Yes, this makes perfect sense.., separate by default, allow by exception...

This also leads me to conclude I'm going to have to completely restructure my network and get rid of my Management VLAN in order to install a new ER605 router. Yet one more reason an existing OC200 controller on a VLAN will not adopt a new router..., no traffic between VLANs by default, and you cannot configure the ACLs until it's adopted..., and you cannot adopt it until you have configured the ACLs...etc.

Re:I can't connect different VLANS to my DNS server
2022-06-06 06:00:38

  @G.V.S 

An example of the contradiction is in this article https://www.tp-link.com/uk/support/faq/2814/

It's about creating a management VLAN, and right at the end, in red, is written:

"Note: We suggest you to set ACL to prevent devices in other networks from accessing the devices in management VLAN, which improves the network security"

Which assumes that by default, traffic will be routed between the newly created VLAN and the other networks...

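The "allow only that IP" rule suggested in reply #2, modelled as an added example (not part of the thread, and not Omada's own configuration syntax): a first-match ACL evaluator using the subnets and DNS server address from the original post. The `Rule` layout, the `evaluate` function and the client addresses are assumptions for illustration; the action taken when no rule matches is a parameter because the thread disagrees about what the router does by default.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str           # "permit" or "deny"
    src: str              # source network (CIDR)
    dst: str              # destination network (CIDR)
    proto: Optional[str]  # "udp", "tcp", or None for any protocol
    port: Optional[int]   # destination port, or None for any port

# Addresses from the original post; the rule layout itself is hypothetical.
IOT_NET = "192.168.10.0/24"
MAIN_NET = "192.168.0.0/24"
DNS_SERVER = "192.168.0.140/32"

# Order matters: the narrow DNS exceptions must precede the broad deny.
RULES = [
    Rule("permit", IOT_NET, DNS_SERVER, "udp", 53),
    Rule("permit", IOT_NET, DNS_SERVER, "tcp", 53),  # DNS uses TCP for large answers
    Rule("deny", IOT_NET, MAIN_NET, None, None),     # everything else IoT -> main LAN
]

def matches(rule, src, dst, proto, port):
    """True when the packet's addresses, protocol and port all fit the rule."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in (None, proto)
            and rule.port in (None, port))

def evaluate(rules, src, dst, proto, port, default="permit"):
    """Return the action of the first matching rule, else the default."""
    for rule in rules:
        if matches(rule, src, dst, proto, port):
            return rule.action
    return default

if __name__ == "__main__":
    client = "192.168.10.23"  # constructed IoT client address
    samples = [("192.168.0.140", "udp", 53),   # DNS query to the server
               ("192.168.0.140", "tcp", 22),   # SSH to the same host
               ("192.168.0.50", "tcp", 445),   # another main-LAN host
               ("203.0.113.10", "tcp", 443)]   # internet (documentation address)
    for dst, proto, port in samples:
        print(dst, proto, port, "->", evaluate(RULES, client, dst, proto, port))
```

With these rules the IoT network can resolve names through 192.168.0.140 but reaches nothing else on the main LAN, whichever default the router applies to unmatched inter-VLAN traffic.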