Adding a 2nd Lan interface connection and it doesn't seem to activate

CraigT
CraigT Posts: 4
Hi all,
I recently upgraded from an USG 310 to an USG Flex 700.  I used to the web convertor to migrate my configuration but I seem to have an issue.   

On the 310 I had GE3 configured as LAN port and set to handle my wireless VLANs.  I had GE8 set as LAN port connect to our switches.  Everything worked fine like this.

After migrating to the Flex 700 only G3 seems to work.  I have checked and I can't see any differences in the settings between the USG 310 and the Flex 700.  I have tried setting up a new LAN port from scratch and I can't seem to get any traffic to the port.  I have tried setting the port to a different LAN zone and setting them up with DHCP server and attached a laptop directly to the port and I get nothing.  The web interface and the CLI both the show the ports active but I get nothing

Any thoughts? 

All Replies

  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Is your laptop getting a IP?

    Does 
    GE8 have a zone set?

    You may need a routing rule and firewall rule.
  • CraigT
    CraigT Posts: 4
    PeterUK said:
    Is your laptop getting a IP?

    Does GE8 have a zone set?

    You may need a routing rule and firewall rule.
    The laptop does not get an IP. 

    I have tried setting the zone to LAN (my default zone) and when I tried configuring it with its own DHCP I set the zone to LAN1.  The laptop did not an IP either way.   I manually configured the laptop with an IP and I still did not get connectivity.   

    I also tried setting a policy route just to confirm that it wasn't blocking anything and that didn't seem to help either.
  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Something wrong if its not getting a IP maybe the port is faulty?

    Can you save the config reset to default the USG Flex 700 and try setting up a DHCP on port 8 to see if your laptop gets a IP.
  • Nice work bro, thanks for sharing.
  • CraigT
    CraigT Posts: 4
    PeterUK said:
    Something wrong if its not getting a IP maybe the port is faulty?

    Can you save the config reset to default the USG Flex 700 and try setting up a DHCP on port 8 to see if your laptop gets a IP.
    The strange thing is I've tried GE4, GE7, GE8, GE12 and they are all acting the same way.  GE1 and GE2 are my WAN ports and seem to work and GE3 of course is working for my LAN but nothing else seems to work.  

    Unfortunately I can't reset to default without taking my network down and we run 24/7.  My 310 just had its licenses expire so reverting to it isn't desirable either.

    I have run out of things to try so as unlikely as it might be I think you maybe right and the majority of the ports are bad.   
  • CraigT
    CraigT Posts: 4
    So I was retesting the various combinations this morning before giving up and assuming bad ports. Here is what I found.

    GE3 LAN port -  GE4 port for testing
    Policy route created to explicitly allow traffic to and from GE3 lan subnet and GE4 lan subnet

    Port     ZONE      DHCP Server       VLAN with DHCP      Laptop received IP       LAN Access    Internet Access
    GE4    LAN          off                         off                             no                                    no                    no
    GE4    LAN          on new subnet    off                             yes                                   no                    yes
    GE4    LAN          off                         on                             no                                    no                    no

    When the laptop had internet access I could ping the LAN and VLAN addresses assigned to the router interfaces but I was unable to ping any other internal IP's.

    So based on the fact that I can get internet access in one scenario the port must be working and something else is going on but I have no idea what at this point.   

    Thoughts?
  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    Friend Collector First Answer First Comment
    Hi @CraigT,

    Can you share USG310's and USG FLEX 700's configuration file with me by private message?

  • Zyxel_Can
    Zyxel_Can Posts: 342  Zyxel Employee
    Friend Collector First Answer First Comment

    Hi @CraigT,

    I applied the config files both for USG310 and USG FLEX 700.

    Port4 is not activated.



    In the Port8's description you write LAN DHCP Enabled. But that port was not configured as DHCP Server. 

    Are you sure that you configured this port properly?


    Can you draw your topology for this case?

    Also, can you start capturing packets before connecting P8, then connect P8 (for P3, vlans and P8)?



    Please send me captured packets. I would like to check for you.

Security Highlight