Draytek 2820 Vlan Setup

Hi Experts

I'm trying to setup a vlan on a Draytek 2820, Ive followed a few guides online and just cant seem to get internet access on the new vlan, I can however ping the router.

My current setup is vlan1 has our main lan and sbs running DHCP, vlan2 just needs to have internet access, I can connect a pc using a static ip and can ping the router I just cant ping the internet (8.8.8.8)

Hopefully I'm just missing something obvious.
LVL 1
coreccAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Chris MillardCommented:
IIRC, You have to assign ALL LAN ports and Wi-Fi SSIDs to a VLAN - even if not using them. Have you done that?
0
coreccAuthor Commented:
yes, everything is on vlan1 except p4 which is vlan2
0
Chris MillardCommented:
OK, so the PC on VLAN2 isn't getting an IP from DHCP - which is expected because DHCP is running on the SBS server which is on VLAN1, and DHCP is disabled on the router.

What IP address is your router on, and what is the current IP configuration assigned to the PC on VLAN2?
0
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

coreccAuthor Commented:
That's all correct, he's my config:

LAN IP Network Configuration
For NAT Usage
For NAT Mode For IP Routing Mode
   1st IP Address  192.168.0.254
   1st Subnet Mask  255.255.255.0
For IP Routing Usage  Enable  Disable
   2nd IP Address  10.254.255.1
   2nd Subnet Mask  255.255.255.0

im using on the laptop
ip 10.254.255.10
sub 255.255.255.0
gateway 10.254.255.1
0
Chris MillardCommented:
Ah, can you change your 2nd IP address to 10.254.254.1 and change the gateway address on the laptop to 10.254.254.1

the .255. is a broadcast address and may be causing your problem...
0
coreccAuthor Commented:
Thanks, I'm going to try changing this when I'm next on site but we have used this ip address range on another site with out a problem.  Thanks
0
coreccAuthor Commented:
Ive changed the ip to 192.168.1.1, same problem...
0
Chris MillardCommented:
Right - I've done some more investigation (I too have a 2820).

The VLAN and "For IP Routing Usage" options are not connected.

In my scenario I did this:-

VLAN0 - P1 P2 P3
VLAN1 - P4

On LAN->General Setup, my routers IP is set to 192.168.1.1 with a subnet mask of 255.255.255.0

VLAN0 has an SBS server on it providing DHCP. Any machines connected to P1 P2 or P3 are getting IP addresses from DHCP and work no problem - they get IPs in the range 192.168.1.10 - 192.168.1.254

Any machines on P4 do NOT get an IP automatically as there is no DHCP server on this VLAN. HOWEVER, If I manually fix the IP on a machine on VLAN1 to a 192.168.1.x address then:-

a) That machine is getting internet access OK; and
b) Can NOT communicate with any other machine on VLAN0

Of course, I have to make sure that any IP I assign on VLAN1 is not assigned to a machine on VLAN0.

I cannot see how to incorporate the "For IP Routing Usage" IP addresses onto VLAN1 - I tried enabling the DHCP server for it - that didn't work. I also set a static IP in the range 192.168.2.x onto my PC, and like you, could ping the router, but not the internet.
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
coreccAuthor Commented:
ok, that's really useful, im going to set it up the same as you, its not perfect for me but it will be ok. Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.