"Dumb" layer2 switch on access port meraki ms120

githo
Just browsing

"Dumb" layer2 switch on access port meraki ms120

Hi

 

MS120 switch with access port (native VLAN 40). When we connect a computer everything works fine (internal network + connection to our USG, who handles all VLANS, routing and WAN).

When we connect a dumb layer 2 switch however (due to not enough cables atm) the internal network works fine except access to the USG (and everything behind it) for all clients connected to the dumb switch.

This exact same setup (untagged VLAN40 port) on our old Zyxel GS1920 switch works just fine. 

What might cause this problem?

 

Thanks

11 Replies 11
NolanHerring
Kind of a big deal

Maybe I'm having a brain fart but if the port is configured for access port mode, you can't assign a native vlan (only on trunk ports).

Can you show a screenshot for how you have the port configured
Nolan Herring | nolanwifi.com
TwitterLinkedIn
cmr
Kind of a big deal
Kind of a big deal

@githo is the dumb switch truly dumb?  It may have a VLAN1 setting that is causing a mismatch?

githo
Just browsing

@cmr It's the most basic and cheapest switch (tried both netgear and D-link). It's a temporary solution due to cable shortage.

When we put these switches on an untagged (access) port (VLAN 40) from our Zyxel switch everything works fine.

On the meraki the clients get IP's as the should and they can access the servers. They just can't reach (or get a reply from) our gateway (ICMP), so no internet.

 

 

cmr
Kind of a big deal
Kind of a big deal


@githo wrote:

@cmr It's the most basic and cheapest switch (tried both netgear and D-link). It's a temporary solution due to cable shortage.

When we put these switches on an untagged (access) port (VLAN 40) from our Zyxel switch everything works fine.

On the meraki the clients get IP's as the should and they can access the servers. They just can't reach (or get a reply from) our gateway (ICMP), so no internet.

 

 


Are the MAC addresses of the clients who are connected to the dumb switch in the arp table of the USG?

githo
Just browsing

@cmr Sorry about the delay. I replicated the problem today.

Computers with ip show up on the port information page.
All mac addresses turn up in the routers arp table.

Also the problem starts to manifest when I put on more than 1 computer behind the switch. If only 1 pc is turned on everything works perfect.

I tried other simple non manageable/non vlan switches but the problem remains. It seems that you can't put another switch behind the MS.

redsector
Head in the Cloud

I can put dumb switches on our MS-switches (MS 10.45 networks an MS 25.14 networks).

The port config you sent seems to be good (but some dump switches are working with BPDU-guard enabled on the Meraki switch-port some don´t. I had this issue today).

You may have to check if the standard VLANon Meraki switches is 1.

Try another dumb switch from another vendor. I this case: the cheaper the dumb switch the better (no extra software on the dumb switch which can occure failures).

 

redsector
Head in the Cloud

Do you have 802.1x port-security on the Meraki network switch-ports?

githo
Just browsing

Hi, I(ve tried 2 brands (D-link and netgear) with the same results. I don't think they come any cheaper than this. 🙂

 

We have no access policies. Do you mean management VLAN with standard?

redsector
Head in the Cloud

Yes, management VLAN 1.

 

I just tried a Netgear FS 105 switch. It´s working.

githo
Just browsing

Yes Management VLAN is 1.

So weird, I really don't get it.

 

I just tried with

a TP-link TL-SF1008D

a belkin V300df

and a D-Link DES-1008D

 

All cheap, a bit older but still.. 

githo
Just browsing

@NolanHerring 

 

The port config:

 

Type: Access

Access policy: Open

VLAN: 40

Voice Vlan: /

Link: Auto negotioate

RSTP: Enabled

STP guard: disabled

Unsheduled

Port isolation: Disabled

UDLD: Alert only

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels