New VLAN I have created is not working.

Lorcan
Here to help

New VLAN I have created is not working.

Hi, if anyone here is able to help me I would appreciate it a lot as I have essentially given up on this after trying for over a week now. 

 

I work in a small business of about 20 people. We currently have 4 VLANs. The main one (VLAN ID = 1), and 3 other subnets (2, 10, 20). 

 

I want to get part of the network hardware on a completely new VLAN (30). I have created this VLAN with the correct uplink port settings according to all of the user guides I have seen but it will not work when I go into my Zyxel switch and set the VLAN ID to 30.

 

I currently have a laptop plugged into a single port on the laptop and when I set the VLAN ID = 30, I get a broken IP address in command prompt when I type ipconfig = 169.254.190.197, and I also have 'unidentified network'. 

 

When I set the same port to VLAN ID = 20, I get a nice IP of 192.168.20.235, and I have a working network, connect to internet, etc... 

 

If nobody here can help me I think  I will give up as I have tried everything. I will attach images of some of my settings with personal info removed. Thanks.

 

VLAN Addressing settings: https://gyazo.com/6059958e9e63c1e92d0fbb8bd34e99e4

Zyxel Nebula port config settings: https://gyazo.com/f030b8a519e2ab2a9845855c84a96c16

Zyxel switch IP login VLAN settings: https://gyazo.com/77d7b237432678568966db7239035af8

 

Thank you.

 

Lorcan

11 Replies 11
KarstenI
Kind of a big deal
Kind of a big deal

Where are your Layer3 interfaces configured? There you have to configure an IP interface and also a DHCP-scope.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Lorcan
Here to help

I am not sure. I have set up a DHCP server in Security & SD-WAN -> Configure -> DHCP as seen here: https://gyazo.com/909f68f09d14842b099dba24166d345b 

 

I will try and figure out what u mean and configure an IP interface

Lorcan
Here to help

Hi Karstenl,

 

The layer 3 rules are found in Security & SD-WAN -> Configure -> Firewall.

 

I am not sure what to write here because the other subnets (2, 10, 20) do not have many outbound rules and yet they work fine.

Lorcan
Here to help

I have added a rule for every single possible connection between subnets, allowing the VLAN 30 to connect to others, but it still does not work. https://gyazo.com/f85b179cf3aecf6eec45557619f6123d

KarstenI
Kind of a big deal
Kind of a big deal

Next step is to check if the DHCP request reaches the MX. You can capture the LAN traffic and filter on "port 67 and port 68". If nothing shows up there is something wrong with your VLAN setup between the port for the end-device and the MX.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Lorcan
Here to help

"You can capture the LAN traffic and filter on "port 67 and port 68""

 

How do I do this? Is this something you do in the Cisco Meraki dashboard?

"If nothing shows up there is something wrong with your VLAN setup between the port for the end-device and the MX."

Do you know what it could be that is wrong? In the Zyxel nebula dashboard for the switch we have, I have set the VLAN ID to 30. When I set it to 20, it works fine, with the new network I created however (30) it does not work.

 

KarstenI
Kind of a big deal
Kind of a big deal

Here is the documentation for capturing traffic on the Meraki:

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overvi...

 

For the VLAN: Every Port from MX to client hast to allow VLAN 30, also the trunk-ports on the switch.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Lorcan
Here to help

"For the VLAN: Every Port from MX to client hast to allow VLAN 30, also the trunk-ports on the switch."

I have allowed all ports on the MX to allow all VLANs: https://gyazo.com/6059958e9e63c1e92d0fbb8bd34e99e4

The trunk ports on the switch are also set for VLAN 30: 
https://gyazo.com/f030b8a519e2ab2a9845855c84a96c16

 

I will try and read the data from the DHCP to the MX but I am honestly not sure what you mean

Lorcan
Here to help

With regards to reading the data from the packet capture. Should I plug out all devices out of the four switches in the building, except the one port which I intend to assign VLAN 30 to? And then try and see what it says? Right now I am getting info but I am not sure if its related to the VLAN 30 port.

Lorcan
Here to help

When I use filter expression 'port 67 and 68' I do not get any packets back. https://gyazo.com/c0acbfa2f726a34ce46226397645ab58

KarstenI
Kind of a big deal
Kind of a big deal

Did you connect the PC or do a "ifconfig /renew" directly after starting the capture? If yes, draw a picture with all ports from PC to MX and show the screenshot of the corresponding port-configs.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels