×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

How to enable vlan routing on Nortel 5520ERS

How to enable vlan routing on Nortel 5520ERS

How to enable vlan routing on Nortel 5520ERS

(OP)
Hi guyz.

After unsuccesfull research, i come to you because i have a problem to enable vlan routing on a stack of 3x Nortel 5520ERS.

So, i have 3 VLAN : ( VLAN 2 & VLAN3) and the VLAN1(Default).

My switch has :
* 192.168.1.102 and is the interface of VLAN#1
* 192.168.2.1 is the interface of VLAN#2
* 192.168.3.1 is the interface of VLAN#3

ip routing is enabled on all the vlans and in the switch global configuration !

Problem is that i ping all Vlans interfaces but not computers connected on them.

So from 192.168.2.10 -----> 192.168.2.1 OK!
from 192.168.2.10 -----> 192.168.3.1 OK!
from 192.168.2.10 -----> 192.168.3.11 NOT OK !

You will find screens in attachment, like ip routing tables and various pings !

Thanks to you all, manubz.

(Sorry for my english, i'm french... :))





RE: How to enable vlan routing on Nortel 5520ERS

A couple of things for you to check.

Have you got the PC's connected in the correct vlan?

Have you got the correct default gateway configured on the PC? It needs to be the IP interface of the vlan the pc is plugged into.

If you post the config i may be able to help more.

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Hi, thanks for you reply !

Yes, my PC's are right connected in Vlan's.

All PC's in Vlan's have Vlan ip as gateway, for example 192.168.2.10 has 192.168.2.1 in VLAN#2 - 192.168.3.10 has 192.168.3.1 etc.

PC's can ping all Vlan ip interfaces but not PC's in others Vlan's :/


I will send the config tomorrow, i'm not @ work yet :)

RE: How to enable vlan routing on Nortel 5520ERS

Make sure the each port's PVID is set to the primary untagged VLAN for that port.

RE: How to enable vlan routing on Nortel 5520ERS

PCs have their Windows firewall on.

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Okay, thanks all for your replies , i will try theses solutions tomorrow !
@curtismo, i do not understand all about pvids, i have not a perfect english smile

@vince, maybe firewalls are enabled but computers in the same vlan can ping themselves.

See you tomorrow, thanks !

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Hi !

So i have trying some solutions this morning, unsuccessful :/

I have installed Device Manager on my computer and turned on/off some options, i post a screen about informations on the vlans.

If some one could help me about my problem or need more informations, say it :)

Thanks !

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Larger size img :)

RE: How to enable vlan routing on Nortel 5520ERS

Have you turned off Windows Firewall yet?

The last time somebody told me they had a "Network Problem", they gave me the same reply you just did, but it was still the Windows firewalls.

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Hi,

I solved my problem;

So, when i was testing, i never said to my fortigate than VLAN2 & VLAN3 were connected to 5520.

Here, i made a static route on my fortigate like that : 192.168.3.0 ----> 192.168.1.102(IP 5520) and the same for VLAN2

There, all is working fine, from all my VLAN's i can access to my network and ping the fortigate :)

Now the problem is that VLAN2 & VLAN3 can't access to Internet :/

RE: How to enable vlan routing on Nortel 5520ERS

I don't understand - if the VLAN2 & VLAN3 router addresses are on your switch, your Fortigate should not have any interface in either of those two subnets?

The Fortigate has an interface in VLAN1?

The Fortigate has a default router pointing away from the switches towards the outaide world?
The fortigate has static routes for VLAN2 & VLAN3 subnets pointing at the VLAN1 interface on the switch?

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Hi Vince !

- The Fortigate has an interface in VLAN1 : it's 192.168.1.1 (Internet GW)
- The Fortigate hasn't any interface in VLAN2 and VLAN3
- To join VLAN2 and VLAN3, the fortigate has a static route pointing on the VLAN1 interface on the switch

RE: How to enable vlan routing on Nortel 5520ERS

To get vlan 2 & 3 access to the internet, you have to add a default route on the switch pointing to the fortigate

ip route 0.0.0.0/0 192.168.1.1 1

RE: How to enable vlan routing on Nortel 5520ERS

(OP)
Hi Andy,

I made a default route for Internet, but it was the Fortigate who didn't allowed my networks 192.68.2.X to go on Internet :)

Now I have an other question, i made a vlan for a a company who must connect to our network to have access to a server.
They have a fiber on one of our 5520 and i would want to know if it was possible to deny all the access excepting on this server.

It would be like that :

VLAN93 (192.168.93.X) ----> 192.168.93.1 -----> 192.168.1.99 (Server they have to join)

So, is there any routing policies to allow only 192.168.1.99 routing on Vlan3 ?

Thanks :)

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close