Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

5406 VLAN problem

Ian Fane
Occasional Visitor

5406 VLAN problem

Hi,

I’ve just installed a 5406 to replace an Allied telesyn, I’ve recreated the VLAN structure as on the previous switch. Everything works well – DHCP/file/print/email/databases, except the staff who use outlook to access their webmail cannot connect. It appears to block the DNS request for an external domain.
The switch is the default gateway for the domain, our ISA server is the default gateway for the switch. When I try and resolve the address on the DNS server, it fails, but when I put the default gateway to the ISA it resolves it immediately, but the DNS server cannot be accessed by the rest of the network until I reset the default gateway,
What am I missing?

Any help would be much appreciated,

Thanks,

Ian.
6 REPLIES
cenk sasmaztin
Honored Contributor

Re: 5406 VLAN problem

hi Ian
please send me show tech print
and send me dhcp and dns server ip address and isa server lan ip address

cenk
cenk

Mohieddin Kharnoub
Honored Contributor

Re: 5406 VLAN problem

Hi

- On the DHCP scope, what are the DNS servers configured ?
- Can the Client ping those servers ?
- You said when the ISA is the default gateway, it works, then:
I suspect its either a Routing entry missing on the ISA
Or
A security policy on the ISA should bve configured to allow clients with default gateway (switch) to access outside world or the DNS servers.

Good Luck !!!
Science for Everyone
Ian Fane
Occasional Visitor

Re: 5406 VLAN problem

Cenk, network and switch configs in the attachment,

Thanks,

Ian
cenk sasmaztin
Honored Contributor

Re: 5406 VLAN problem

please for test ping to dns server on pc


and please say me pc ip address ,subnet mask ,default gateway and dns address


cenk
cenk

Ian Fane
Occasional Visitor

Re: 5406 VLAN problem

Cenk, I've solved this problem by adding a static route on the switch to the ISA server, as IP routing is enabled it ignores the default gateway apparently. One other thing i'm trying to access an IP device from one VLAN to another but can't ping or connect via port 80, any ideas?
cenk sasmaztin
Honored Contributor

Re: 5406 VLAN problem

hi Ian

yes I think you can write static route on switch to isa server

0.0.0.0 0.0.0.0 172.16.0.2


and you can write static route isa server to switch

172.16.0.0 255.255.255.0 172.16.0.1
172.16.5.0 255.255.255.0 172.16.0.1
172.16.7.0 255.255.255.0 172.16.0.1
172.16.8.0 255.255.255.0 172.16.0.1
172.16.9.0 255.255.255.0 172.16.0.1
172.16.10.0 255.255.255.0 172.16.0.1
172.16.11.0 255.255.255.0 172.16.0.1
172.16.12.0 255.255.255.0 172.16.0.1
172.16.13.0 255.255.255.0 172.16.0.1
172.16.14.0 255.255.255.0 172.16.0.1
172.16.15.0 255.255.255.0 172.16.0.1
172.16.16.0 255.255.255.0 172.16.0.1


you make create each vlan one dhcp scobe
for example

for vlan 7 dhcp scobe
ip range 172.16.7.10-----200
subnet mask :255.255.255.0
defaut gateway 172.16.7.1

for vlan 8 dhcp scobe
ip range 172.16.8.10----200
subnet mask 255.255.255.0
default gateway 172.16.8.1


cenk
cenk