Meraki

Community

MS210 Inter Vlan Communication issue

mahi
Comes here often
‎Jun 28 2021 2:24 AM
‎Jun 28 2021 2:24 AM

MS210 Inter Vlan Communication issue

We are having meraki switches MS210 (x4) and a sonicwall NSA 2650 firewall which we will replace with MX100 in 2 months.

 

I have created 2 vlan(vlan1 , vlan10)  interfaces in one of the switch and there is a native vlan interface(vlan1) in sonicwall.

 

meraki switch traffic is forwarded to sonicwall using static route.

 

In sonicwall i have added a static route to vlan10 network through meraki vlan1 interface.

 

Now!! i can ping all the hosts in each vlan from other vlan but couldn't access any device. only pinging is  happening.

 

Am i missing anything!!!

0 Kudos
8 Replies 8
ww
Kind of a big deal
Kind of a big deal
‎Jun 28 2021 2:39 AM
‎Jun 28 2021 2:39 AM

If you can ping them then it sounds the routing is working. What are you trying to access.  Does the client not has a firewall that is blocking traffic?

In response to ww
mahi
Comes here often
‎Jun 28 2021 3:16 AM
‎Jun 28 2021 3:16 AM

I can't access NAS or server from other VLAN and i have allowed all the services in firewall as well.

0 Kudos
In response to mahi
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jun 28 2021 12:25 PM
‎Jun 28 2021 12:25 PM

What does a traceroute show you.

 

can you ping other devices on the same network as your NAS and servers?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
mahi
Comes here often
‎Jul 1 2021 7:17 AM
‎Jul 1 2021 7:17 AM

@DarrenOC sorry for the late reply, traceroute is passed with single hop.

 

And i can ping the devices from both the vlans, but the NAS and servers in other vlan are inaccessible.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 28 2021 1:15 PM
‎Jun 28 2021 1:15 PM

What is routing between the two VLANs?  The MS210 stack?

 

If so, are your hosts using the MS210s as their default gateway?

0 Kudos
In response to PhilipDAth
mahi
Comes here often
‎Jul 1 2021 7:24 AM
‎Jul 1 2021 7:24 AM

@PhilipDAth Sorry for the late reply! I have 3 VLANS Vlan (1,5,10). Native vlan 1 is created in sonicwall, Vlan 1,5&10 are in meraki and traffic(0.0.0.0/0) is forwarded to sonicwall. From sonicwall, Vlan 5&10 traffic are forwarded to vlan1 interface of meraki.

 

Hence for the hosts in vlan 5&10 meraki(MS210) interface is default gateway.

0 Kudos
In response to mahi
Bruce
Kind of a big deal
‎Jul 1 2021 2:34 PM
‎Jul 1 2021 2:34 PM

@mahi my guess is going to be an asymmetric routing issue. The NAS and servers wouldn’t happen to reside in VLAN1 would they? Client to server is going via the MS stack only, whereas the return traffic (defined by the NAS/server default gateway) is going via the Sonicwall, then back to the MS. All I can imagine is the Sonicwall is doing something ‘smart’ as it won’t be seeing the entire TCP three way handshake.

 

Is the default gateway on the NAS/server pointing at the MS or the Sonicwall? If it’s the Sonicwall try changing it to the MS.

0 Kudos
In response to Bruce
mahi
Comes here often
‎Jul 2 2021 1:22 PM
‎Jul 2 2021 1:22 PM

@Bruce yes, the NAS and servers are reside in vlan1 and their default gateway is pointing towards sonicwall. I'll definitely try changing them to ms and update. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.