Can't get servers under a Cisco VLAN to reach the open internet

Owen · May 15, 2024, 3:57am

I have a server that needs to reach the open internet, from a VLAN on my home network.

The setup is as follows:

Home Xfinity router in Bridge mode
OpenWRT TP-Link router for home network, LAN1 port tagged to VLAN 3
Managed Cisco switch running a VLAN (VLAN 3) on Gi0/17 - 24. Gi0/1 is the uplink port. All ports in TRUNK mode.
Servers connected to the Cisco switch via the VLAN ports, and other ports

Nothing on the switch can reach the open internet, and I have no idea why. I was looking into firewall rules, different switchport modes, different modes for connections on OpenWRT, and nothing works.
If anyone has any ideas, or a simple guide on how this would work, that would be great. Thanks!

Burner27 · May 15, 2024, 12:11pm

Do you have DHCP set up for VLAN3? DNS set up as well for that VLAN? Also, I would think you would only need the uplink port to be in trunk mode and only specify the ports on the switch to be tagged for vlan3 traffic (aka all other ports should be ‘access’ ports only)

Owen · May 15, 2024, 7:11pm

I was under the impression that DHCP and DNS would auto-configure to server the VLAN as well. To fix this, is this just an OpenWRT setting, or does something on the switch need to be changed as well? (I assume it’s just an OpenWRT configuration change.)

I will also take a look at the ports again… I saw in some places that they all need to be in trunk, but it does make more sense to have them in access.

Thanks!

tvcvt · May 15, 2024, 7:24pm

How are you routing the VLANs? Is OpenWRT filling that role or do you have ACLs setup on the Cisco switch? The first thing I thought of was that there’s no default route being set by DHCP. It would be useful to put a computer on the VLAN in question and post some of the network info to get a sense what’s happening. Are the VLANs set up on OpenWRT or just on the switch?

Burner27 · May 15, 2024, 8:32pm

When you create a VLAN, it’s like creating a new network. You have to assign the following:

Gateway address
DNS Server(s)
DHCP address range
Subnet Mask

Are any of the clients on the switch receiving a DHCP address? When you run ipconfig/all from a cmd prompt (assuming Windows machine) what does it list for DNS?

Owen · May 15, 2024, 8:36pm

Got it, I will configure that, thanks!

Owen · May 15, 2024, 8:37pm

No ACLS, the VLAN is tagged on OpenWRT. I can get some network info on it.

Owen · May 15, 2024, 8:37pm

Just saw the question, no, nothing gets an address from DHCP.

Burner27 · May 15, 2024, 8:38pm

What do you see listed under ipv4 address from running ipconfig?