I read through dozena of similar posts and it seems everyone has or had a different solution.
I used to have UTM, latest version, two nics one to wan, one nic with 6 vlans trunked in from a SG300-28. Worked perfectly, as everyone says. Switch layer 3, and the uplink was tagged and trunked. Clients untagged.
Fast forward to XG, software install on XG230, without touching switch config, and using the same port with the port setup with a single vlan for the devices, the best i could pull off was a client would pull a dhcp address from the XG for that vlan, but nothing else. No pinging gateway. How can it pull DHCP but not ping the gateway? This is with a firewall zone rull full open, lan->any.
Simply moving the XG to SG300 uplink to an access port non tagged vlan, gets the client dhcp and all services.
What gives? Does anyone have a solid reason why for some people, XG to Cisco should be trunked, but in other cases like this when trunked prior for UTM, the same trunked config halts on XG?
I verified with SG->XG the untagged access port is indeed providing the vlan dhcp range and honoring vlan rules. This defies logic?
My client is access untagged, thus assigned ex. Vlan 100 upon switch entry. I see this in ARP table. The tagged port accepts vlan 100 . The XG accepts the client DHCp request on that vlan, provides the right client DHCP info, then just stops.
I read the layer 2 vs layer 3 and i dont buy it. UTM was l2 and SG l3 and worked perfectly together. I didnt have any routes defined prior and still dont now, and defining routes made no difference to trunking asepct. In trunk mode, defaulted 0.0.0.0/0 to the physical and vlan ip separately and neither yeilded connectivity beyond a dhcp pull.
I have enough physical ports to accommodate my config doing 1:1 untagged access, but seems like i should be able to do ROAS and trunk it all in a single physical like UTM did..
If anyone has ideas im all ears.
This thread was automatically locked due to age.
