setting up a VLAN, VLAN PC has Internet access but cannot ping each other within VLAN
Hello All, I am new to VLAN's and I know I'm close. Ultimately, I want to have 2 different networks that do not talk to each other, but do want them to talk within their own network and have internet access.
Current setup regular network setup on a SonicWall Firewall with a 192.168.111.x on the first interface
I setup a VLAN with an ID of 20 (VLAN20) of which contains 2 computers 192.168.20.68 and 192.168.20.169.
Currently I can ping the internet that's OK
I can ping the 192.168.111.X network That's NOT OK
I cannot ping within my 192.168.20.x any devices That's Not OK
I have my setup below maybe someone can see a problem?
NEXT Screen
Next Slide
Current setup regular network setup on a SonicWall Firewall with a 192.168.111.x on the first interface
I setup a VLAN with an ID of 20 (VLAN20) of which contains 2 computers 192.168.20.68 and 192.168.20.169.
Currently I can ping the internet that's OK
I can ping the 192.168.111.X network That's NOT OK
I cannot ping within my 192.168.20.x any devices That's Not OK
I have my setup below maybe someone can see a problem?
NEXT Screen
Next Slide
0
Accepted Solution
-
@Avanti
We recommend GS1920v2 series which is our web-smart managed model can support ACL.
https://www.zyxel.com/products_services/8-24-48-port-GbE-Smart-Managed-Switch-GS1920-Series/
Zyxel_Lucious5
All Replies
-
So i did a little more work and Made 1 change.... see below
I can Ping the internet - That's Good
I can Ping other PC's within my VLAN - That's Good
PROBLEM LEFT
How do I block my 192.168.111.x network from communication to 192.168.20.x Network and visa versa??
should VLANS by default block communications between Networks?
here was my change I tagged my TRUNK.
0 -
Hi @Avanti
Welcome to Zyxel community.
Your GS1900's VLAN setting now is basically correct for L2 forwarding.
As for your remaining issue:How do I block my 192.168.111.x network from communication to 192.168.20.x Network and visa versa??Normally we can have two approaches:
1) ACL on switch, unfortunately GS1900 series is rather entry level model without ACL feature.
2) Policy route on router, so you may have to configure policy route rule to forbid specific communication between 192.168.111.x and 192.168.20.x on your SonicWall Firewall.
Hopefully it helps.
Zyxel_Lucious0 -
Thank You for your answer, I thought that was the case.... can you let me know a current model that will let me create ACL's.
Thanks
Avanti
0 -
@Avanti
We recommend GS1920v2 series which is our web-smart managed model can support ACL.
https://www.zyxel.com/products_services/8-24-48-port-GbE-Smart-Managed-Switch-GS1920-Series/
Zyxel_Lucious5
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight