• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 248
  • Last Modified:

vlan issue

i have done vlan using cisco router and a cisco switch
encapsulation dot1.q used
vlan1, 192.168.1.1
vlan2, 192.168.2.1


i have linux firewall
eth1, 192.168.1.2

i added virtual ip to eth1.1 interface, 192.168.2.2

users can ping to 192.168.1.2, but cannot ping to 192.168.2.2

what might be the problem

i want to give access to vlan ip ranges using my linux box

i blv the issue is encapsulation issue
any ideas how to fix this?



0
ammadeyy2020
Asked:
ammadeyy2020
2 Solutions
 
btassureCommented:
You need to configure the interface as a trunk and/or configure the subinterfaces into the vlans they represent.
See this article for more info:
http://www.linuxjournal.com/article/7268
0
 
shareditCommented:
Can I ask why you are not using the router to route between the two vlans?

I lack experience with this Linux Firewall Software, but typically Firewalls forward traffic through itself, they do not route back out the same interface packets come in on.

The Router is where i would be setting up traffic between the two Vlans. The firewall Isn't really going to do any routing for you, it is probably just going to be the default route for unknown traffic on your network.

I may be unclear as to how your network is setup.

On the switch port connected to router
config t
int f0/x
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 1
switchport trunk allowed vlan add 1,2
switchport nonegotiate

on the router port connected to the switch
config t
int e0/x.2  <------ i usually make the .x the number of the VALN. ie vlan2=.2 vlan20=.20 vlan34=.34 makes it less confusing
encapsulation dot1q 2
ip add x.x.x.x x.x.x.x (this should be the default route for Vlan 2)

where is dhcp coming from?

with that, if you put a port on the switch to access vlan2 an appropriately ip configured pc, in that port should be able to ping vlan 1

0
 
ammadeyy2020Author Commented:
i added static route to firewall, and default route to router, it works fine
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now