D-Link Enterprise > DGS-1210-Series

Access to Management VLAN

<< < (2/2)

PacketTracer:
Hi,


--- Quote ---Issue is not replicated, it occurs on one of two switches which are configured equally.
--- End quote ---

I hope, "configured equally" does _not_ mean, they share the same management IP address? What network address do you use for VLAN 200 and what are the three management IP addresses of your switches? Can you reach (e.g. ping) any other device connected to an access port configured for VLAN 200 (port is an untagged member of VLAN 200 and has set PVID=200) at the switch under consideration from a VLAN 200 device (e.g. a PC) connected to another switch?

What MAC addresses do the management interfaces use (inspect the ARP cache of your admin PC after a successful connection to the management interfaces of the switches) - can they be overridden via ui and happen to be identical by accident?

PT

gewuerzgurke84:
core-switch has 172.16.1.80/26, others switches have 172.16.1.81/26 and 172.16.1.82/26 set as management IP (of course, I did not provided equal IPs to several devices). All switches have 172.16.1.65 configured as default gateway.

The problem still looks like:
- I cannot ping my default gateway from any switch besides the core-switch (where the default gateway is directly attached to)
- I cannot ping anything in VLAN200 from the switches (172.16.1.81/82) which is not directly attached
- I can ping anything in VLAN200 from a client which is connected to one of the switches
- I've seen blocked firewall traffic from one of the switches in my pfsense box showing discovery broadcast messages. For some reason the source is not VLAN200 (Management VLAN) but the Default VLAN=1

ARP Cache seems to be correct on all switches.

PacketTracer:
Hi again!

I guess for ports 15 and 16 at the core and ports 9 at the other switches you have set PVID=1 (the default), and these 4 ports are untagged members of VLAN 1 (the default) and tagged members of a set of VLANs (not equal to 1) you added. Hence VLAN 1 would play the role of the native VLAN.

What if you swap the roles of VLANs 1 and 200 : Set the 4 ports' PVID to 200 and let them be tagged members of VLAN 1 and untagged members of VLAN 200.

Just a try because I can't see what's wrong with your configuration ...

PT

gewuerzgurke84:
Hello together,

I finally found the issue:
# I've replaced the core-switch with a DGS 1210 28 (with preinstalled FW Version 4.0xxxx)
# After the succesful replacement I also tried to get things working with the management interfaces with the two other DGS switches, but ran into the same problem
# After update the DGS 1210 28 to the current FW Version 4.1xxxxx the problem disappeared

So, finally it was a bug somewhere in the FW....

Best Regards,
 Alex

FurryNutz:
Thanks for letting us know. Glad the FW update helped fix this.

Enjoy.  ;)

Navigation

[0] Message Index

[*] Previous page

Go to full version