Solved

Zyxel USG100. GS1910 Vlans cannot access wan

Posted on 2013-11-08
1
2,094 Views
Last Modified: 2013-11-14
Iam trying to configure a network that looks like this:

network
My Vlans and static routing seams to work fine, i am able to ping between the VLANs. My problem is, when i try to make a connection to the internet, I get a time out when trying to ping, i am aware that i need to configure some sort of NAT. But cant quite figure out what goes wrong.

I have tried to create a Policy Route, when i apply the policy but there is a unstable pattern in the replies, got a lot of timeouts, then at ones there is connectivity for a while and then it dies again.

Here are screenshots of my configurations on FW1 and SW1

FW1:

Network -> Interface -> VLAN
Network -> Interface -> Port Role
Network -> Routing -> Static Route
Network -> Routing -> Policy Route

SW1:


Configuration -> VLANs -> VLAN Membership
Configuration -> VLANs -> Ports

Any suggestions to what I have to do?
0
Comment
Question by:Rybicki-Ibsen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 26

Accepted Solution

by:
Soulja earned 500 total points
ID: 39633953
On your vlan port configuration, I don't see a port configured as a trunk. The port connecting up to you FW should be set to tag if it's to be a trunk.

- Why do you have static routes when all of your vlan networks are connected routes already? Did you create the static routes?
- Why do you not have a trunk between the switches for vlan 99 and 300. Currently layer 2 traffic on those vlans would have to go up to your firewall to get to the other switch. Not optimal.
-What are you doing policy routing for?
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Changing VLAN information 3 36
Layer 3 switch recommendation 15 60
How to disable sflow Cisco nexus 9k 3 19
WDS can't PXE boot 3 38
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question