cancel
Showing results for 
Search instead for 
Did you mean: 

HELP : Need to communicate specific IP address between VLANS

Highlighted
Here to help

HELP : Need to communicate specific IP address between VLANS

Hi CISCO Community,

I have been searching for this here but it still it does not work Smiley Sad

I need help on how to communicate our Private VLAN to other VLANs as well. We are using a MX84.

Our Private VLAN is tagged as VLAN2 at 142.63.4.0/24 using port no. 5.
I need to access our File Server tagged as VLAN6 at 172.9.0.3/32 using port no. 10.

I configure it to the firewall settings to allow traffic from VLAN2 going to VLAN10 but still, I can't access our file server.

Please see my configuration below. Thank you.

VLAN SETTINGS.JPGVLAN SETTINGSport settings.JPGPORT SETTINGSFirewall settings.png





15 REPLIES 15
Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

The file server is on VLAN6 not VLAN10, but that is not the issue.

 

Your layer 3 firewalls are all "permits" - so that is not the issue.

 

I assume that a host on each network can get to the Internet - which will prove you have the correct gateway's configured?

 

Are you trying to access the file server via its IP address?  If not, what method are you using to provide name to IP address mapping?

 

 

My next guess is Windows firewall on the file server.  Have you tried disabling it?

 

 

Also, why are you using public IP addressing on an internal VLAN?

Here to help

Re: HELP : Need to communicate specific IP address between VLANS

Hi @PhilipDAth ,

Thank you for the correction Smiley Happy on VLANs

Yes, I am accessing it via IP Address. It is on a FreeNas so that no windows firewall is needed to configure. It is working properly before when I am using our Fortigate Switch but when I used our Meraki it does not work anymore.

is there a way to communicate different VLANs within different ports? I think my Layer 3 Firewall is configured correctly. 

Thanks!

Head in the Cloud

Re: HELP : Need to communicate specific IP address between VLANS

So the default gateway on the FreeNAS is set to 172.9.0.1, and on the hosts 142.63.4.1 with subnet masks on both set to 255.255.255.0 right?

Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

Have you got AMP or IPS enabled?  If so, could you trying turning them off for 1 minute and see if it changes the problem.  If not, restore them to their original settings.

Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

I've come to realise I have made a giant assumption.

 

When it is not working - what is actually happening?  Do you get an error message?

Here to help

Re: HELP : Need to communicate specific IP address between VLANS

Hi Brecht,

That is right. My default gateway is 172.9.0.1 and the IP address of the File Server is 172.9.0.3. Our Team's VLAN is 142.63.4.0/24.

But when I transfer our File Server to our Team's VLAN 142.63.4.0/24, which is 142.63.4.20 it is accessible.

They are on the different built-in ports, is that the issue?
Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

Can you access the file server from any of the VLANs using private IP addressing?

Here to help

Re: HELP : Need to communicate specific IP address between VLANS

It is working properly when I am using our old fortigate. I just configure the firewall settings and it will be accessible. I think I just did the same way in Meraki MX but it does not work.


But when I transfer our File Server to our Team's VLAN 142.63.4.0/24, which is 142.63.4.20 it is accessible.
They are on the different built-in ports, is that the issue?
Here to help

Re: HELP : Need to communicate specific IP address between VLANS

Hi Philip,

"Can you access the file server from any of the VLANs using private IP addressing?"

I am just new to meraki mx, about "Private IP addressing" how can I do that?
Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

Can the Freenas box access the Internet?

Can you client access the Internet?

 

I need to know these answers to verify basic connectivity.

 

 

 

VLAN 3, 4 , 5, 6 and 99 are using private IP addressing in your network.

Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

You didn't answer this question either.

 

"Have you got AMP or IPS enabled?  If so, could you trying turning them off for 1 minute and see if it changes the problem.  If not, restore them to their original settings."

Here to help

Re: HELP : Need to communicate specific IP address between VLANS

@PhilipDAth 

Hi Philip,

AMP and IPS are not enabled at the moment because I am just starting to set this up.

Freenas Box can is on local only, and I don't think it is on the internet? Lan port of our FreeNAS box is directly connected to PORT 10 of MX84.

Kind of a big deal

Re: HELP : Need to communicate specific IP address between VLANS

If you SSH into your FreeNas box - can you ping www.google.com?

Here to help

Re: HELP : Need to communicate specific IP address between VLANS

Hi Philip,

Yes, I can ping the google.com if I go into the Freenas GUI and SSH

Here to help

Re: HELP : Need to communicate specific IP address between VLANS

Hi All,

Thanks for the supports. This is my fault, I am used to Fortigate so I thought the MX84 works the same as a switch.

I correctly configured our layer 2 manageable switch for this.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.