Long-time lurker and first-time poster. First of all, let me thank @coxhaus; through his posts I learned a lot about Cisco gear and VLAN stuff.
I am trying to build a home network with inter-VLAN capabilities using my trusty AC68U, a newly acquired Cisco SG300-10MPP level-3 switch and a Cisco WAP371 AP, following coxhaus's guide "How to setup a Guest network on an Cisco SG300-28 layer 3 switch". I was able to set up multiple VLANs and get internet access on my Linux laptop. However, other clients in the default VLAN and other VLANs do not have internet access due to a missing DNS server.
Here are the current configurations on my devices:
- The router is running Merlin latest stable (386.1_2), the switch is also on the latest firmware (1.4.11.5) and so is WAP371 (1.3.0.7)
- The router is at 10.1.1.1, with DHCP off. Other settings are kept as factory default. The static route is set to:
  - Network/Host IP: 10.1.0.0
  - Netmask: 255.255.0.0
  - Default Gateway: 10.1.1.254
  - Interface: LAN
- The switch is in L3 mode, with static IP 10.1.1.254. Default VLAN101, VLAN102 Home, VLAN108 Guest, VLAN109 Work
- Switch IPv4 Interface has:
  - VLAN 101, 10.1.1.254, 255.255.255.0
  - VLAN 102, 10.1.2.254, 255.255.255.0
  - VLAN 108, 10.1.8.254, 255.255.255.0
  - VLAN 109, 10.1.9.254, 255.255.255.0
- Switch IPv4 Routes can be seen in the picture
- Switch ports:
  - Port 1 is access port: 101UP (to router)
  - Port 4 is access port: 101UP (to Linux laptop)
  - Port 5 is trunk, 101UP 102T 108T (to WAP371)
  - Port 9 is access port: 109UP (to Windows workstation)
- DHCP pools for each VLAN are set up, see picture
- The DNS Settings are at default, except that I added "cisco-sg300.home" to Default Domain Name (see picture)
Win and Mac cannot open google.com but can open 1.1.1.1. Pinging also doesn't work. If I manually assign a DNS server (10.1.1.1) to the connection, they will have internet access and can ping any clients in the LAN.
At this point, I'm convinced that the DNS server is not propagated to end clients (but why is the Linux laptop not affected?). I messed around with the router's DNS settings with no luck, resulting in factory resetting multiple times. I am also not sure if I had the DNS settings set up correctly in the switch. In coxhaus's post somewhere he mentioned he had a DNS problem as well after the initial setup. My next step (after solving this DNS problem, obviously) is to set up ACLs so VLANs will be properly isolated.
Any thoughts on this? Thank you for your input in advance.
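One way to check the hypothesis in the post above, that clients are not being handed a DNS server, is to decode the options in the DHCP reply a client actually receives. The following is an added example, not part of the original post: it parses the UDP payload of a DHCP message and reports the router (option 3) and DNS server (option 6) values. The sample packets are constructed, and the client address 10.1.9.100 is an assumption; the gateway and DNS addresses are the ones given in the post.

```python
import ipaddress
import struct

MAGIC = bytes([0x63, 0x82, 0x53, 0x63])   # RFC 2131 cookie that precedes the options
OPT_PAD, OPT_ROUTER, OPT_DNS, OPT_END = 0, 3, 6, 255

def parse_options(msg: bytes) -> dict:
    """Return {option code: raw value} from the UDP payload of a DHCP message."""
    if len(msg) < 240 or msg[236:240] != MAGIC:
        raise ValueError("not a DHCP message: too short or magic cookie missing")
    opts, i = {}, 240
    while i < len(msg) and msg[i] != OPT_END:
        code = msg[i]
        if code == OPT_PAD:               # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(msg) or i + 2 + msg[i + 1] > len(msg):
            raise ValueError(f"option {code} is truncated")
        length = msg[i + 1]
        # RFC 3396: a code that appears twice carries one concatenated value
        opts[code] = opts.get(code, b"") + msg[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def addresses(raw: bytes) -> list:
    """Split an option value into dotted-quad IPv4 addresses."""
    if len(raw) % 4:
        raise ValueError("address list length is not a multiple of 4")
    return [str(ipaddress.IPv4Address(raw[i:i + 4])) for i in range(0, len(raw), 4)]

def audit_lease(msg: bytes) -> dict:
    """Summarise what the lease actually hands the client."""
    opts = parse_options(msg)
    return {"client": str(ipaddress.IPv4Address(msg[16:20])),   # yiaddr field
            "routers": addresses(opts.get(OPT_ROUTER, b"")),
            "dns": addresses(opts.get(OPT_DNS, b""))}

def build_ack(client: str, router: str, dns=None) -> bytes:
    """Constructed sample DHCPACK (not a capture) for exercising the parser."""
    ip = lambda a: ipaddress.IPv4Address(a).packed
    hdr = struct.pack("!4BIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), ip(client), bytes(4), bytes(4), bytes(16), bytes(64), bytes(128))
    opts = b"\x35\x01\x05" + bytes([OPT_ROUTER, 4]) + ip(router)
    if dns:
        opts += bytes([OPT_DNS, 4]) + ip(dns)
    return hdr + MAGIC + opts + bytes([OPT_END])

if __name__ == "__main__":
    # VLAN 109 addresses from the post; 10.1.9.100 is a made-up client address
    print(audit_lease(build_ack("10.1.9.100", "10.1.9.254")))
    print(audit_lease(build_ack("10.1.9.100", "10.1.9.254", "10.1.1.1")))
```

An empty `dns` list for a lease on a given VLAN means the DHCP pool for that VLAN did not send option 6, which matches the symptom of clients that reach 1.1.1.1 but cannot resolve names.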