Hello
You have probably created a new VLAN, bound it to either LAN or Internet Port and then created an IP interface specifying IP address and gateway. This VLAN is then selected in the VSC menu as VSC egress mapping. In order for this to work this VLAN has also to be configured on the zl switch. In the typical setup with Access Control and Always Tunnel Client Traffic the traffic is tunneled to the controller and then forwarded to the specified VLAN. That means that you need to also have this VLAN on the respective switch ports connecting to the MSM775 module. If you bound the VLAN to the LAN port you need to have this VLAN tagged on switch port <slot>2 (for example A2). If you bound it to the Internet Port you need to have it tagged on switch port <slot>1. So maybe you can check this. The command to check VLAN membership on the switch is
show vlan port <port-nr> detail (for example show vlan port A1 detail)
You donтАЩt mention how exactly you configured DHCP on the controller. The controller can act as DHCP server or DHCP relay for access controlled VSC. You will probably need the DHCP relay option since you seem you have a DHCP server in your VLAN. Go to Controller ->Network ->Address Allocation to check which option is enabled. By default none is enabled. If you need to enable DHCP relay, make sure that Listen for requests on Client Date Tunnel is enabled. LAN port should typically remain disabled. If you want be using a specific DHCP server but just want egress the DHCP Packets to the egress VLAN you should check тАЬExtend VSC egress subnet to VSC ingress subnetтАЭ. This can only be enabled if NAT is disabled on your egress IP interface. You can enter a dummy IP address as primary server address because the GUI will not allow you to save.
Then you go to the VSC menu and you should have a DHCP relay agent menu in the lower right corner. Set the checkbox before DHCP relay agent and select the radio button for forward to egress interface. Save the configuration. Now the controller should forward all DHCP traffic to the egress VLAN where it should hit your DHCP server.
You can also test the other option "Use the following server" if you want but it is not supported with teaming and it has some issue. "Forward to egress interface" is the simpler and more reliable.
Hello @CurtBCLPT
If I am not wrong tracert is showing another outbound interface. Could you please go to Controller -->Network-> IP routes and check which default route you have. Please try adding a default route pointing to the VLAN gateway 10.81.190.1.
Hello,
Not sure if this will help but could you please try adding a second default route pointing to 10.81.190.1
Hello @CurtBCLPT
Could you please provide update on this topic? Could you identify and resolve the issue preventing the internet access?