• March 29, 2024, 04:33:26 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Access to Management VLAN  (Read 6578 times)

gewuerzgurke84

  • Level 1 Member
  • *
  • Posts: 4
Access to Management VLAN
« on: August 07, 2018, 10:54:34 PM »

Hello together,

I have a network including 1x DGS1210-16 switch acting as a core switch and 2x DGS1210-8P switches that are both connected via SFP to the core switch. Both DGS1210-8P are identical in terms of Firmware/HW Revision.

(Problem)
I cannot access the management ui from one of those two DGS1210-8P switches as soon as I enable management VLAN=200 on it :(

(Layout)
DGS1210-16: Core Switch (Port 15, Tagged with all VLANs) -> 1x DGS1210-8P (Port 9, Tagged with all VLANs)
DGS1210-16: Core Switch (Port 16, Tagged with all VLANs) -> 1x DGS1210-8P (Port 9, Tagged with all VLANs)
DGS1210-16: Management VLAN=200
Both DGS1210-8P: Management VLAN=200
I'm testing the access via a port=3/VLAN=200 from core switch.

Strange thing is that I can gain access to the problematic switch if I connect an admin pc directly to it and put the connected port into the management VLAN=200. From any other switch I cannot access the management ui even all uplink ports are tagged for all VLANs. The other DGS1210-8P acts as expected and I can access it even from the core switch.

Any idea how to find the cause for this problem? I'm very close to replace the complete network infrastructure due to this problem :(

Thank & Best Regards
 Alex
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Access to Management VLAN
« Reply #1 on: August 08, 2018, 07:22:07 AM »

Link>Welcome!

  • What region are you located?

Anything in the user manual about this by chance?
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

Gattsu

  • Technical Engineer
  • Level 3 Member
  • *
  • Posts: 139
Re: Access to Management VLAN
« Reply #2 on: August 08, 2018, 09:59:24 AM »

So issue is replicated on both DGS1210-8P?

Logged

gewuerzgurke84

  • Level 1 Member
  • *
  • Posts: 4
Re: Access to Management VLAN
« Reply #3 on: August 08, 2018, 01:02:48 PM »

I'm located in Germany and already read through the whole Manual but could not find any hint regarding this Case.

Issue is not replicated, it occurs on one of two switches which are configured equally. "Normal" Traffic works as expected in both switches, it's only an issue regarding the Management ui from one Switch.

Best regards
Logged

Gattsu

  • Technical Engineer
  • Level 3 Member
  • *
  • Posts: 139
Re: Access to Management VLAN
« Reply #4 on: August 09, 2018, 08:58:32 AM »

Unlikely a configuration issue since the setup is very basic. Possibly a bad switch? Try swapping the two and see if issue follows that same switch. Or you can try other ports as trunk. But if traffic is passing through on VLAN 200, then it might be just the GUI itself not responding and maybe still on default VLAN.


Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: Access to Management VLAN
« Reply #5 on: August 10, 2018, 01:02:26 AM »

Hi,

Quote
Issue is not replicated, it occurs on one of two switches which are configured equally.

I hope, "configured equally" does _not_ mean, they share the same management IP address? What network address do you use for VLAN 200 and what are the three management IP addresses of your switches? Can you reach (e.g. ping) any other device connected to an access port configured for VLAN 200 (port is an untagged member of VLAN 200 and has set PVID=200) at the switch under consideration from a VLAN 200 device (e.g. a PC) connected to another switch?

What MAC addresses do the management interfaces use (inspect the ARP cache of your admin PC after a successful connection to the management interfaces of the switches) - can they be overridden via ui and happen to be identical by accident?

PT
« Last Edit: August 10, 2018, 01:09:21 AM by PacketTracer »
Logged

gewuerzgurke84

  • Level 1 Member
  • *
  • Posts: 4
Re: Access to Management VLAN
« Reply #6 on: May 28, 2019, 06:29:13 AM »

core-switch has 172.16.1.80/26, others switches have 172.16.1.81/26 and 172.16.1.82/26 set as management IP (of course, I did not provided equal IPs to several devices). All switches have 172.16.1.65 configured as default gateway.

The problem still looks like:
- I cannot ping my default gateway from any switch besides the core-switch (where the default gateway is directly attached to)
- I cannot ping anything in VLAN200 from the switches (172.16.1.81/82) which is not directly attached
- I can ping anything in VLAN200 from a client which is connected to one of the switches
- I've seen blocked firewall traffic from one of the switches in my pfsense box showing discovery broadcast messages. For some reason the source is not VLAN200 (Management VLAN) but the Default VLAN=1

ARP Cache seems to be correct on all switches.
« Last Edit: May 28, 2019, 06:31:16 AM by gewuerzgurke84 »
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 441
Re: Access to Management VLAN
« Reply #7 on: May 28, 2019, 01:45:24 PM »

Hi again!

I guess for ports 15 and 16 at the core and ports 9 at the other switches you have set PVID=1 (the default), and these 4 ports are untagged members of VLAN 1 (the default) and tagged members of a set of VLANs (not equal to 1) you added. Hence VLAN 1 would play the role of the native VLAN.

What if you swap the roles of VLANs 1 and 200 : Set the 4 ports' PVID to 200 and let them be tagged members of VLAN 1 and untagged members of VLAN 200.

Just a try because I can't see what's wrong with your configuration ...

PT
« Last Edit: May 28, 2019, 01:51:46 PM by PacketTracer »
Logged

gewuerzgurke84

  • Level 1 Member
  • *
  • Posts: 4
Re: Access to Management VLAN
« Reply #8 on: August 15, 2019, 05:30:13 AM »

Hello together,

I finally found the issue:
# I've replaced the core-switch with a DGS 1210 28 (with preinstalled FW Version 4.0xxxx)
# After the succesful replacement I also tried to get things working with the management interfaces with the two other DGS switches, but ran into the same problem
# After update the DGS 1210 28 to the current FW Version 4.1xxxxx the problem disappeared

So, finally it was a bug somewhere in the FW....

Best Regards,
 Alex
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: Access to Management VLAN (RESOLVED)
« Reply #9 on: August 15, 2019, 06:08:56 AM »

Thanks for letting us know. Glad the FW update helped fix this.

Enjoy.  ;)
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.