Cisco RV 325 – Losing Internet When VLAN is Enabled

ciscoroutingvlan

I tried many times to make my router work in the configuration I want, but no matter what I do, it won't work..

The configuration :

ISP router: IP address 192.168.99.1 all ports forwarded to 192.168.99.2
connected to a Cisco Small Business RV 325 configured with the 192.168.99.2 IP address on WAN port.

I set some VLANs on the RV 325 :

VLAN 1 => default, gateway 192.168.99.254 No DHCP
VLAN 10 => for workstations IP 192.168.1.1/24 GW 192.168.1.1 DHCP Enabled
VLAN 20 => for VOIP IP 192.168.2.1/24 GW 192.168.2.1 No DHCP
VLAN 30 => for IP cameras IP 192.168.3.1/24 GW 192.168.3.1 No DHCP

By default the VLAN option is not enabled. I can access to the internet, but I don't have the benefit of the VLANs.
When I enable it, I can't get access to the internet anymore…

Most of the time, I get an error referring to DNS error so I suspected a missing firewall rule.

So, I've tried multiple firewall rules (even ANY to ANY), but I never succeeded.

What can I do to make this router work with VLANs?

This is the interface I have to setup for the router

Best Answer

first of all, thank you for your questions and answers.

The solution was provided by YLearn :

I believe the VLANs are only for the internal LAN ports and don't apply to the WAN ports on this device. Your VLAN 1 IP address overlaps with the WAN interface IP address putting the same subnet on both sides of the RV325. This should only work if the WAN port is configured as a "Transparent Bridge" as per documentation. For normal operation these two subnets should be different.

I changed the VLAN1 to another IP range and enabled VLAN. It worked like a charm.

Related Solutions

Dell PowerConnect – VLAN Routing on Dell PowerConnect 5524

When testing networking connections, don't use windows machines.

My firewall was set to allow ICMP traffic from any subnet on any domain profile yet it was still blocking the packets.

Turning the firewall off completely allowed the traffic through, so the routing is working.

Also, pings probably aren't the best way to test network connectivity.

For anyone looking to route between two VLANs on the Dell PowerConnect 5524, the commands on page 220 of the user guide are sufficient:

en
config

vlan database
vlan 100-101
exit

interface gi1/0/1
switchport access vlan 100
ip address 1.1.1.1 255.255.255.0
exit

interface gi1/0/2
switchport access vlan 101
ip address 2.1.1.1 255.255.255.0
exit

Vlan – VTP V3 Cisco Switch Error when creating new VLAN

You can see the primary server (if any) in the output of show vtp status:

Primary ID                        : 0011.2233.4455
Primary Description               : primary-switch-name

If the Primary ID is 0000.0000.0000, then your current switch does not recognize any primary server, including itself. To answer your questions:

When you try to promote a switch to the VTP primary server role, VTP performs a sanity check to make sure no other switch on the network if already the primary, and will warn you if one is found. Either way, IOS will prompt you to proceed, so you can still back out if you're unsure. This is important, because the new primary server will cause all other VTP clients and servers to overwrite their existing VTP configuration with that of the new server. However, only switches in the same VTP domain and with the same password would be affected, and you would be able to see those with show vtp devices.
I think you have it mostly correct. The one part I would comment on is that the only time a primary server demotes itself to secondary status is when it rejoins the VTP domain after a reload. During normal operation, a primary server will remain the primary server unless you run vtp primary on another server.

If you have only one switch configured as the VTP server, and it is not primary, I would conclude that it was rebooted at some point, which would have caused it to demote itself. It should be safe to promote it back to primary. If you're ever unsure, back up your VLAN database (typically flash:vlan.dat on smaller platforms) before making changes, so you can switch to transparent mode and restore your VLANs quickly if you need to.

Cisco has a comprehensive document on VTP Version 3 that goes over all of this and more.

Best Answer

Related Solutions

Dell PowerConnect – VLAN Routing on Dell PowerConnect 5524

Vlan – VTP V3 Cisco Switch Error when creating new VLAN

Related Topic