I have an MS250, in my network I only have that single MS (I do not have Fw) I have MS set my VLANs and each VLAN with DHCP, connect a laptop and it gives me DHCP but does not surf the internet and the ping does not respond.
Try two different scenarios:
1.- Connect my MS in a Modem (the modem gives me DHCP 192.168.1.0/24 network mask 192.168.1.254)
The MS obtained DHCP and connected to the Meraki cloud.
Then configure my Default Route:
Interfaces
Switch Name Subnet IP VLAN DHCP Setting
Core User 150.130.156.0/24 150.130156.1 130 Server
Core Internet 192.168.1.0/24 192.168.1.250 120 Off
Static routes
Switch Name Subnet Next Hop IP Advertise via OSPF
Core Default route 0.0.0.0/24 192.168.1.254 No
I do not have internet, what may be happening ???,
will be that because the modem does not have VLAN 120 ????
2.- They provided me with network parameters to configure the MS with static addressing.
The IP is public of type B 187.X.X.22X / 26 default gateway 187.X.X.193
And configure the MS with that data. My MS will be directly connected to the carrier's router.
Then my default route was as follows;
Interfaces
Switch Name Subnet IP VLAN DHCP Setting
Core User 150.130.156.0/24 150.130156.1 130 Server
Core Internet 187.X.X192/26 187.X.X.200 120 Off
Static routes
Switch Name Subnet Next Hop IP Advertise via OSPF
Core Default route 0.0.0.0/24 187.X.X.193 No
I do not have internet, what may be happening ???,
Does the MS have to be in the same VLAN of the Carrier router ???
Are the two scenarios valid ???
First VLAN130 is using public IP address when it should probably be using private IP addressing.
Next your modem will need a route for VLAN130 via VLAN120.
Next your modem will need to be configured to do NAT for VLAN130.
I assume you have plugged your modem into VLAN120 (even if by making a port on the switch an access port in VLAN120), and that from VLAN120 you can ping your modem.
my modem is not L3, it is a house modem.
the second ecenary as the time ??
If your modem doesn't have layer 3 capabilities then this configuration is not likely to work for you. You will need a more capable router.
I agree with @PhilipDAth , you are going to need a L3 device , and if you are going with the second scenario , make shure the other side has the routes for the VLANs / ( VLAN Tagging ) .