I'm a novice when it comes to networking so please bear with me. I have a new network I'm setting up and have issues with DNS.
My setup is as follows: ISP -> Modem -> Untangle Firewall -> Cisco SG350 switch -> Devices and AP
On my switch I have 5 VLANs. Firewall IP is 192.168.2.1. Switch IP is 192.168.2.10. VLAN 1 = 192.168.2.X w/ DHCP from Untangle. VLAN 20 = 192.168.20.X w/ DHCP from switch. VLAN 30 = 192.168.30.X w/ DHCP from switch, and so on for VLAN 40 and 50.
The Untangle Firewall is in router mode with static routes to my switch VLANs.
DHCP from the firewall successfully provides DHCP and DNS to VLAN 1 on the switch. VLAN 1 ports connect to the internet no problem.
My problem is I don't know how to pass DNS from my firewall to VLANs 20-50. Inter-VLAN is routing correctly. Connecting to VLANs 20-50 I can ping the firewall and other switch VLANs successfully. The firewall can also ping the VLAN IP. However, the device connected to the VLAN does not receive DNS. From the connected device, I can ping 8.8.8.8 but cannot ping google.com.
I simply want to point VLAN 20-50 devices to DNS 8.8.8.8. What do I need to do?
Note: this is a 'cross-post' from /r/cisco
Here's my switch config:
config-file-header
switch58785p
v2.5.5.47 / RTESLA2.5.5_930_364_286
CLI v1.0
file SSD indicator excluded
@
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan 20,30,40,50
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
no eee enable
no ip arp proxy disable
ip dhcp server
ip dhcp pool network "VLAN 20"
address low 192.168.20.100 high 192.168.20.200 255.255.255.0
exit
ip dhcp pool network "VLAN 30"
address low 192.168.30.100 high 192.168.30.200 255.255.255.0
exit
ip dhcp pool network "VLAN 40"
address low 192.168.40.100 high 192.168.40.200 255.255.255.0
exit
ip dhcp pool network "VLAN 50"
address low 192.168.50.100 high 192.168.50.200 255.255.255.0
exit
bonjour interface range vlan 1
ip name-server 192.168.2.1
!
interface vlan 1
ip address 192.168.2.10 255.255.255.0
no ip address dhcp
!
interface vlan 20
name TRUSTED
ip address 192.168.20.1 255.255.255.0
!
interface vlan 30
name NVR
ip address 192.168.30.1 255.255.255.0
!
interface vlan 40
name WIFI
ip address 192.168.40.1 255.255.255.0
!
interface vlan 50
name IoT
ip address 192.168.50.1 255.255.255.0
!
interface GigabitEthernet1
switchport mode trunk
!
interface GigabitEthernet2
switchport access vlan 20
!
interface GigabitEthernet3
switchport mode trunk
switchport trunk allowed vlan 1-19,21-29,31-4094
!
interface GigabitEthernet4
switchport mode trunk
switchport trunk allowed vlan 1-19,21-29,31-4094
!
interface GigabitEthernet5
switchport access vlan 20
!
interface GigabitEthernet6
switchport access vlan 30
!
interface GigabitEthernet7
switchport access vlan 20
!
exit
ip default-gateway 192.168.2.1
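
A check for the symptom described in the post (clients on the switch-served VLANs get a lease and can ping 8.8.8.8 but cannot resolve names), as an added example that is not part of the original post: it parses the `ip dhcp pool network` blocks of a saved config and lists pools that hand out no DNS server. The `dns-server` pool sub-command and the sample config (two of the post's pools, with one `dns-server` line added for contrast) are assumptions.

```python
import ipaddress
import re

# Constructed sample: two pools from the posted config; the dns-server line
# in "VLAN 20" is added here for contrast and is not in the original post.
SAMPLE_CONFIG = '''\
ip dhcp server
ip dhcp pool network "VLAN 20"
address low 192.168.20.100 high 192.168.20.200 255.255.255.0
dns-server 8.8.8.8
exit
ip dhcp pool network "VLAN 30"
address low 192.168.30.100 high 192.168.30.200 255.255.255.0
exit
ip name-server 192.168.2.1
'''

POOL_START = re.compile(r'^ip dhcp pool network\s+(?:"([^"]+)"|(\S+))')

def parse_pools(config_text):
    """Return {pool_name: {keyword: rest_of_line}} for each DHCP network pool."""
    pools, current = {}, None
    for raw in config_text.splitlines():
        line = raw.strip()
        m = POOL_START.match(line)
        if m:
            current = pools.setdefault(m.group(1) or m.group(2), {})
        elif line in ("exit", "!"):
            current = None  # left the pool; global lines such as ip name-server are skipped
        elif current is not None and line:
            keyword, _, rest = line.partition(" ")
            current[keyword] = rest.strip()
    return pools

def dns_servers(opts):
    """Return the valid IP addresses on a pool's dns-server line (may be empty)."""
    servers = []
    for token in opts.get("dns-server", "").split():
        try:
            servers.append(str(ipaddress.ip_address(token)))
        except ValueError:
            continue  # ignore anything that is not an IP literal
    return servers

def pools_without_dns(config_text):
    """Names of pools whose leases would carry no DNS server option."""
    return [n for n, o in parse_pools(config_text).items() if not dns_servers(o)]

if __name__ == "__main__":
    print("pools with no DNS server:", pools_without_dns(SAMPLE_CONFIG))
```

The global `ip name-server` line sits outside every pool, so the parser does not count it as a DNS option handed to DHCP clients.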