Hi guys,
We need some help with our M4100 switches (we have 26G's and a 12GF, but the problem applies to all of them).
We're set up several VLAN's on our Fortigate router/firewall, one of which is vlan10, which is the management vlan for our switches. We've been able to get it working on all of our other Netgear switches, but not on the M4100's. We add the vlan's on the M4100's (vlan1 stays as default, then we add vlan10 up to vlan16). We then do the vlan port configuration, where vlan1 stays untagged on all ports. Vlan10 is tagged on the trunk port that runs from the M4100-26G to the M4100-12GF. Illustration: https://i.imgur.com/jyYYdFm.png
VLAN10 is tagged on the trunk port: https://i.imgur.com/rdrJBcX.png
In this case, port 23, which is a fibre connection from this switch to the other one (where it is also tagged on vlan10).
We then set up the management interfaces. VLAN1 displays there with its original IP address (192.168.0.251). We then add vlan10, and set its IP address (192.168.10.8) and gateway (192.168.10.1, which points to to Fortigate router's interface for vlan10). We disable routing (we have tried with it enabled as well, makes no difference in our case), and then select VLAN10 as the management VLAN under System Information. Illustration of vlan1 settings: https://i.imgur.com/EwU6T9j.png
Illustration of vlan10 settings: https://i.imgur.com/ppIZNd4.png
And then, this is what we have in System Information:https://i.imgur.com/ZPvVNyu.png
As you can see, it shows the management vlan as vlan 10, with the correct IP address.
Now, the problem is that we can PING the 192.168.10.8 ip address, but cannot access the web interface via that IP. At the same time, we can ping the 192.168.0.251 ip address, AND can access the web interface via THAT ip. Quite literally the other way round from how it should be.
Any advice? Our other Netgear switches work fine, but they don't have multiple management interfaces like in the screenshots above. Rather, they have one page where you set the IP of the switch and select the management VLAN, not set an IP per VLAN.
Regards,
No comments:
Post a Comment