F5F Stay Refreshed Power Users Networks Recent findings indicate the latest reason for early hair loss.

Recent findings indicate the latest reason for early hair loss.

Recent findings indicate the latest reason for early hair loss.

G
Godslayerno1
Member
Find
54
03-14-2025, 09:38 AM
#1
So I am trying to segregate my network into 4/5 Virtual LANS. 1(Native/Core) 13(cameras) 17(Main WLAN) 20(IoT WLAN) 24(other wired devices). Hardware A-Router:USG B-Current Switch: Cisco SG200-50P C-New Switch: Dell PowerConnect 5548P D-Cam Switch: Cisco 2960C Topology A(LAN)->(g50)B(g49)->(g48)C(g9)->(g1)D What it can do: looks like in it's current state, all I can do is ping the management interface on the new switch. I can also ping the gateways of all the vlans from the new switch so I know the trunk on that port is working. important notes -My current assumption is an inter-vlan routing issue on the Dell but my limited experience makes it difficult for me to troubleshoot. I'll provide all the relevant configs with obvious redactions. -The 2960 should be a Vlan 13 only switch for cameras. -The SG200 will eventually be replaced by the dell when this is all working -only thing that was done on the USG was creation of networks, Vlan assignment and DHCP. all else is default. ignore 5 and 13. How you can help me I'm basically asking you guys to look at the configs and see if I'm missing something. Dell vlan database vlan 13,17,20,24 exit voice vlan oui-table add 000181 Nortel__________________ voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 001049 Shoretel________________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00907a Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ iscsi target port 860 address 0.0.0.0 iscsi target port 3260 address 0.0.0.0 iscsi target port 9876 address 0.0.0.0 iscsi target port 20002 address 0.0.0.0 iscsi target port 20003 address 0.0.0.0 iscsi target port 25555 address 0.0.0.0 hostname core management access-list SSH permit service ssh exit aaa authentication enable default line aaa authentication login default line line ssh password *************** encrypted exit line console password ************* encrypted exit username Ryan password encrypted ************* pri vilege 15 ip ssh server ip domain name core.lan line console motd-banner exit line ssh motd-banner exit line telnet motd-banner exit banner motd ^C MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWNXXK0OOO0KXNWMMMMMMMMMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWXOdlcccc::::::ccox0XWMMMMMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMWXOl;,''''''''''',,'.':lxKNMMMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMNk:'.',''........',,'.';clox0NMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMXd,..,;,,,,,,,,,;;clllclllllclxNMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMXo'.',;cloodddddxxkkOOOO0OkdocclxXMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMXko;,;coxkOOO000000000000KKKKkolc:xNMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMXdcdl,:okO00000000000000KKKXXXKkoccdk0NMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMWk;''..:dkOOkkkxkkO0000OOOO00XXKOo:,,:o0WMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMWO:. .;dkkxdooodxkO00OkxxddxkO0Oo,. .;dKWMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMWx,.. .:xOOkdcccoxkOO0kxxdocldkO0x, .:dXMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMWO;.. .:k0OkxdoodxxkOK0xddoloxO0KO; ..'lKMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMM0:.....cO0000OOOkkkOOKK0kkkO0KXXXO; ...lXMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMXl'''..:k00000000OOO0KKKOO0KKKKKKk,....'dWMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMNx;,,'.;x000000000OOO0OOO00KKK000o.....,OWMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMM0c'....oO000K0000OOOOOO0K00000Ok:. ...;kNWMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMNd'. .:k0000000OOO0OO000K00Odol. ..'cOWMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMXd;'',lkO000OOOOkkkkkxxkkOk:.... .,ldONMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMWX0KXK0OOOOOOOOOOkkkkkkkkx;. ..,:oOKXWMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMWWX0OOOOOOO0000OOO00OOOdlcllokXNNWMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMWWKOxkOOOkOOOO0000000000Oxxk00OKNWMMMMMMMMMMMMMMM MMMMMMMMMMWWNXXKK00000000Oxc,.,dOOOkkkkOO00000OOOkkxdc;:oOKXXXXNWWMMMMMMMMM MMMMMWNX0Okkxdddddol:;;;'.. 'lxkOOOkkkkkOOOOkxxdxxxx:...,:lddxk0KKXNWWMMMM MMMN0kxdddddooool:'. .cddkOOOOkkkOOOOOkxddxkkkd,. .',;cooddxkOKNMM MWKxoodddoooll:'.. ;ddxkOOOOOkOOOOkxddxxxkko' ....',;::clokXM ^C ! interface vlan 1 ip address dhcp ! interface vlan 13 name Camera ! interface vlan 17 name ******* ! interface vlan 20 name ***** ! interface vlan 24 name LAN ! interface gigabitethernet1/0/3 description MainAP switchport mode trunk switchport trunk allowed vlan remove 2-16,18-19,21-4094 ! interface gigabitethernet1/0/5 description MainAP switchport mode trunk switchport trunk allowed vlan remove 2-16,18-19,21-4094 ! interface gigabitethernet1/0/7 description SouthAP switchport mode trunk switchport trunk allowed vlan remove 2-16,18-19,21-4094 ! interface gigabitethernet1/0/9 description CamSWUplink switchport mode trunk switchport trunk allowed vlan remove 2-12,14-4094 ! interface gigabitethernet1/0/10 switchport access vlan 13 ! interface gigabitethernet1/0/11 description CK no switchport switchport trunk allowed vlan remove 2-12,14-4094 ! interface gigabitethernet1/0/13 description Lore ! interface gigabitethernet1/0/15 description Data ! interface gigabitethernet1/0/17 description Printer ! interface gigabitethernet1/0/18 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/19 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/20 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/21 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/22 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/23 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/24 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/25 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/26 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/27 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/28 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/29 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/30 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/31 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/32 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/33 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/34 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/35 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/36 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/37 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/38 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/39 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/40 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/41 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/42 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/43 description LAN ! interface gigabitethernet1/0/44 description LAN ! interface gigabitethernet1/0/45 description LAN ! interface gigabitethernet1/0/46 description LAN ! interface gigabitethernet1/0/47 description LAN ! interface gigabitethernet1/0/48 description Uplink switchport mode trunk ! Default settings: Service tag: ******* SW version 4.1.0.12 (date 22-Jul-2013 time 16:32:43) Gigabit Ethernet Ports ============================= no shutdown speed 1000 duplex full negotiation flow-control on mdix auto no back-pressure interface vlan 1 interface port-channel 1 - 32 spanning-tree spanning-tree mode RSTP qos basic qos trust cos eee enable 2960C Building configuration... Current configuration : 1703 bytes ! ! Last configuration change at 00:50:18 UTC Mon Jan 2 2006 ! version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CameraSW ! boot-start-marker boot-end-marker ! ! enable secret 9 **************** ! username Ryan privilege 15 password 0 **************** no aaa new-model system mtu routing 1500 ! ! ! ip domain-name Cameras.lan ! ! ! ! ! ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! ! ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/1 switchport access vlan 13 switchport mode access ! interface FastEthernet0/2 switchport access vlan 13 switchport mode access ! interface FastEthernet0/3 switchport access vlan 13 switchport mode access ! interface FastEthernet0/4 switchport access vlan 13 switchport mode access ! interface FastEthernet0/5 switchport access vlan 13 switchport mode access ! interface FastEthernet0/6 switchport access vlan 13 switchport mode access ! interface FastEthernet0/7 switchport access vlan 13 switchport mode access ! interface FastEthernet0/8 switchport access vlan 13 switchport mode access ! interface FastEthernet0/9 switchport mode access ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface GigabitEthernet0/1 switchport mode trunk ! interface GigabitEthernet0/2 ! interface Vlan1 ip address dhcp shutdown ! ! ip http server ip http secure-server ! ! line con 0 password ******************* logging synchronous login line vty 0 4 login transport input ssh line vty 5 15 login transport input ssh ! end Thanks!
Reply
Reply
G
Godslayerno1
03-14-2025, 09:38 AM #1

So I am trying to segregate my network into 4/5 Virtual LANS. 1(Native/Core) 13(cameras) 17(Main WLAN) 20(IoT WLAN) 24(other wired devices). Hardware A-Router:USG B-Current Switch: Cisco SG200-50P C-New Switch: Dell PowerConnect 5548P D-Cam Switch: Cisco 2960C Topology A(LAN)->(g50)B(g49)->(g48)C(g9)->(g1)D What it can do: looks like in it's current state, all I can do is ping the management interface on the new switch. I can also ping the gateways of all the vlans from the new switch so I know the trunk on that port is working. important notes -My current assumption is an inter-vlan routing issue on the Dell but my limited experience makes it difficult for me to troubleshoot. I'll provide all the relevant configs with obvious redactions. -The 2960 should be a Vlan 13 only switch for cameras. -The SG200 will eventually be replaced by the dell when this is all working -only thing that was done on the USG was creation of networks, Vlan assignment and DHCP. all else is default. ignore 5 and 13. How you can help me I'm basically asking you guys to look at the configs and see if I'm missing something. Dell vlan database vlan 13,17,20,24 exit voice vlan oui-table add 000181 Nortel__________________ voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 001049 Shoretel________________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00907a Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ iscsi target port 860 address 0.0.0.0 iscsi target port 3260 address 0.0.0.0 iscsi target port 9876 address 0.0.0.0 iscsi target port 20002 address 0.0.0.0 iscsi target port 20003 address 0.0.0.0 iscsi target port 25555 address 0.0.0.0 hostname core management access-list SSH permit service ssh exit aaa authentication enable default line aaa authentication login default line line ssh password *************** encrypted exit line console password ************* encrypted exit username Ryan password encrypted ************* pri vilege 15 ip ssh server ip domain name core.lan line console motd-banner exit line ssh motd-banner exit line telnet motd-banner exit banner motd ^C MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWNXXK0OOO0KXNWMMMMMMMMMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMWXOdlcccc::::::ccox0XWMMMMMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMWXOl;,''''''''''',,'.':lxKNMMMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMNk:'.',''........',,'.';clox0NMMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMXd,..,;,,,,,,,,,;;clllclllllclxNMMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMXo'.',;cloodddddxxkkOOOO0OkdocclxXMMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMXko;,;coxkOOO000000000000KKKKkolc:xNMMMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMXdcdl,:okO00000000000000KKKXXXKkoccdk0NMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMWk;''..:dkOOkkkxkkO0000OOOO00XXKOo:,,:o0WMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMWO:. .;dkkxdooodxkO00OkxxddxkO0Oo,. .;dKWMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMWx,.. .:xOOkdcccoxkOO0kxxdocldkO0x, .:dXMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMWO;.. .:k0OkxdoodxxkOK0xddoloxO0KO; ..'lKMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMM0:.....cO0000OOOkkkOOKK0kkkO0KXXXO; ...lXMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMXl'''..:k00000000OOO0KKKOO0KKKKKKk,....'dWMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMNx;,,'.;x000000000OOO0OOO00KKK000o.....,OWMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMM0c'....oO000K0000OOOOOO0K00000Ok:. ...;kNWMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMNd'. .:k0000000OOO0OO000K00Odol. ..'cOWMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMXd;'',lkO000OOOOkkkkkxxkkOk:.... .,ldONMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMWX0KXK0OOOOOOOOOOkkkkkkkkx;. ..,:oOKXWMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMMMWWX0OOOOOOO0000OOO00OOOdlcllokXNNWMMMMMMMMMMMMM MMMMMMMMMMMMMMMMMMMMMMMMMMWWKOxkOOOkOOOO0000000000Oxxk00OKNWMMMMMMMMMMMMMMM MMMMMMMMMMWWNXXKK00000000Oxc,.,dOOOkkkkOO00000OOOkkxdc;:oOKXXXXNWWMMMMMMMMM MMMMMWNX0Okkxdddddol:;;;'.. 'lxkOOOkkkkkOOOOkxxdxxxx:...,:lddxk0KKXNWWMMMM MMMN0kxdddddooool:'. .cddkOOOOkkkOOOOOkxddxkkkd,. .',;cooddxkOKNMM MWKxoodddoooll:'.. ;ddxkOOOOOkOOOOkxddxxxkko' ....',;::clokXM ^C ! interface vlan 1 ip address dhcp ! interface vlan 13 name Camera ! interface vlan 17 name ******* ! interface vlan 20 name ***** ! interface vlan 24 name LAN ! interface gigabitethernet1/0/3 description MainAP switchport mode trunk switchport trunk allowed vlan remove 2-16,18-19,21-4094 ! interface gigabitethernet1/0/5 description MainAP switchport mode trunk switchport trunk allowed vlan remove 2-16,18-19,21-4094 ! interface gigabitethernet1/0/7 description SouthAP switchport mode trunk switchport trunk allowed vlan remove 2-16,18-19,21-4094 ! interface gigabitethernet1/0/9 description CamSWUplink switchport mode trunk switchport trunk allowed vlan remove 2-12,14-4094 ! interface gigabitethernet1/0/10 switchport access vlan 13 ! interface gigabitethernet1/0/11 description CK no switchport switchport trunk allowed vlan remove 2-12,14-4094 ! interface gigabitethernet1/0/13 description Lore ! interface gigabitethernet1/0/15 description Data ! interface gigabitethernet1/0/17 description Printer ! interface gigabitethernet1/0/18 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/19 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/20 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/21 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/22 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/23 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/24 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/25 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/26 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/27 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/28 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/29 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/30 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/31 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/32 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/33 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/34 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/35 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/36 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/37 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/38 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/39 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/40 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/41 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/42 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/43 description LAN ! interface gigabitethernet1/0/44 description LAN ! interface gigabitethernet1/0/45 description LAN ! interface gigabitethernet1/0/46 description LAN ! interface gigabitethernet1/0/47 description LAN ! interface gigabitethernet1/0/48 description Uplink switchport mode trunk ! Default settings: Service tag: ******* SW version 4.1.0.12 (date 22-Jul-2013 time 16:32:43) Gigabit Ethernet Ports ============================= no shutdown speed 1000 duplex full negotiation flow-control on mdix auto no back-pressure interface vlan 1 interface port-channel 1 - 32 spanning-tree spanning-tree mode RSTP qos basic qos trust cos eee enable 2960C Building configuration... Current configuration : 1703 bytes ! ! Last configuration change at 00:50:18 UTC Mon Jan 2 2006 ! version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname CameraSW ! boot-start-marker boot-end-marker ! ! enable secret 9 **************** ! username Ryan privilege 15 password 0 **************** no aaa new-model system mtu routing 1500 ! ! ! ip domain-name Cameras.lan ! ! ! ! ! ! ! ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! ! ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/1 switchport access vlan 13 switchport mode access ! interface FastEthernet0/2 switchport access vlan 13 switchport mode access ! interface FastEthernet0/3 switchport access vlan 13 switchport mode access ! interface FastEthernet0/4 switchport access vlan 13 switchport mode access ! interface FastEthernet0/5 switchport access vlan 13 switchport mode access ! interface FastEthernet0/6 switchport access vlan 13 switchport mode access ! interface FastEthernet0/7 switchport access vlan 13 switchport mode access ! interface FastEthernet0/8 switchport access vlan 13 switchport mode access ! interface FastEthernet0/9 switchport mode access ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface GigabitEthernet0/1 switchport mode trunk ! interface GigabitEthernet0/2 ! interface Vlan1 ip address dhcp shutdown ! ! ip http server ip http secure-server ! ! line con 0 password ******************* logging synchronous login line vty 0 4 login transport input ssh line vty 5 15 login transport input ssh ! end Thanks!

Reply
Reply
K
King_James_XVI
Junior Member
Find
23
03-14-2025, 09:38 AM
#2
The Dell isn't enabling inter-vlan routing, and you'd like that avoided (especially if you're dealing with VLAN switching issues). As someone familiar with Dell and Cisco switches, I don't perceive any errors in the configurations you shared. To clarify, I recommend deleting the "interface vlan 13 -> name" entries and others except for vlan 1, then swapping them to "vlan 13 -> name". Currently, you haven't assigned names to VLANs at the layer 3 level; instead, you've labeled IP interfaces on each VLAN. If you run "show vlan brief," you won't see the VLAN labels. The ability to ping all VLAN gateway IPs from the switch doesn't confirm the trunk is functioning. The Dell switch only has an IP address in VLAN 1, so it's forwarding pings through its default gateway at 10.0.1.1. The USG responds because it recognizes that IP you're trying to reach is itself and sends the packets back using the DHCP-assigned source IP from the switch in VLAN 1. By default, there are no firewall rules between corporate networks in Unifi—if you need the USG to maintain separate boundaries, you'll have to configure those rules manually. Please share your SG200 configuration for further review.
Reply
Reply
K
King_James_XVI
03-14-2025, 09:38 AM #2

The Dell isn't enabling inter-vlan routing, and you'd like that avoided (especially if you're dealing with VLAN switching issues). As someone familiar with Dell and Cisco switches, I don't perceive any errors in the configurations you shared. To clarify, I recommend deleting the "interface vlan 13 -> name" entries and others except for vlan 1, then swapping them to "vlan 13 -> name". Currently, you haven't assigned names to VLANs at the layer 3 level; instead, you've labeled IP interfaces on each VLAN. If you run "show vlan brief," you won't see the VLAN labels. The ability to ping all VLAN gateway IPs from the switch doesn't confirm the trunk is functioning. The Dell switch only has an IP address in VLAN 1, so it's forwarding pings through its default gateway at 10.0.1.1. The USG responds because it recognizes that IP you're trying to reach is itself and sends the packets back using the DHCP-assigned source IP from the switch in VLAN 1. By default, there are no firewall rules between corporate networks in Unifi—if you need the USG to maintain separate boundaries, you'll have to configure those rules manually. Please share your SG200 configuration for further review.

Reply
Reply
O
OKNK
Member
Find
231
03-14-2025, 09:38 AM
#3
The SG 200 was defaulted with all ports unlabeled. I ran tests using a Dell connected to the USG, but the outcomes weren’t helpful. Regarding the first paragraph, I followed the instructions exactly. On the cam switch, I randomly disabled the native VLAN interface and it assigned an IP address by chance. I’ll check if I can obtain an IP on its access port in the 13 subnet next.
Reply
Reply
O
OKNK
03-14-2025, 09:38 AM #3

The SG 200 was defaulted with all ports unlabeled. I ran tests using a Dell connected to the USG, but the outcomes weren’t helpful. Regarding the first paragraph, I followed the instructions exactly. On the cam switch, I randomly disabled the native VLAN interface and it assigned an IP address by chance. I’ll check if I can obtain an IP on its access port in the 13 subnet next.

Reply
Reply
R
ReborntoKill
Posting Freak
Find
821
03-14-2025, 09:38 AM
#4
So... why are you expecting it to pass VLANs then? You need to define the VLANs, and set the ports 49 and 50 as trunk. Like what? Your config looks fine to me. getting an IP address on the native vlan interface is not surprising, and doesn't teach us anything about whether the other VLANs will work or not. I suggest moving one switch at a time, from the router to the end, and on each one make one or more access ports to test the VLANs. If you can't get an IP while on the SG200 in vlan 13, you won't get an IP on the Dell or camera switch in vlan 13.
Reply
Reply
R
ReborntoKill
03-14-2025, 09:38 AM #4

So... why are you expecting it to pass VLANs then? You need to define the VLANs, and set the ports 49 and 50 as trunk. Like what? Your config looks fine to me. getting an IP address on the native vlan interface is not surprising, and doesn't teach us anything about whether the other VLANs will work or not. I suggest moving one switch at a time, from the router to the end, and on each one make one or more access ports to test the VLANs. If you can't get an IP while on the SG200 in vlan 13, you won't get an IP on the Dell or camera switch in vlan 13.

Reply
Reply
M
MarinaGamer22
Junior Member
Find
14
03-14-2025, 09:38 AM
#5
I had a small win this morning that could have been my issue all along. I went around the SG200 and managed to connect 10.0.1.1 from fa0/1 on the camera switch, which suggests there might be a problem with DHCP. I’ll attach a screenshot of my configuration so you can review it later once testing is done.
Reply
Reply
M
MarinaGamer22
03-14-2025, 09:38 AM #5

I had a small win this morning that could have been my issue all along. I went around the SG200 and managed to connect 10.0.1.1 from fa0/1 on the camera switch, which suggests there might be a problem with DHCP. I’ll attach a screenshot of my configuration so you can review it later once testing is done.

Reply
Reply
C
coolninja2122
Junior Member
Find
47
03-14-2025, 09:38 AM
#6
The DHCP server setup looks fine. When you said “bypassed the SG200,” it means you linked the USG LAN to port 48 on the Dell. Do you receive an IP address from the port 10 of the Dell, which is assigned to VLAN 13? While a client device is connected to a VLAN 13 port, run “show mac address vlan 13” on the Dell or Cisco switches. You should see both router and client MAC addresses. Expect several virtual MACs to appear that are irrelevant, such as all zeros or all f’s—these occur due to switch features.
Reply
Reply
C
coolninja2122
03-14-2025, 09:38 AM #6

The DHCP server setup looks fine. When you said “bypassed the SG200,” it means you linked the USG LAN to port 48 on the Dell. Do you receive an IP address from the port 10 of the Dell, which is assigned to VLAN 13? While a client device is connected to a VLAN 13 port, run “show mac address vlan 13” on the Dell or Cisco switches. You should see both router and client MAC addresses. Expect several virtual MACs to appear that are irrelevant, such as all zeros or all f’s—these occur due to switch features.

Reply
Reply
W
wrecker77
Junior Member
Find
49
03-14-2025, 09:38 AM
#7
I cleaned up and began again on the Dell using LAN 2 on the USG for testing so no one gets cut off. VLANs 13 and 24 are functioning properly, even with the camera switch. The only issue seems to be the .1 subnet, which I suspect is due to it being on LAN 1 instead of LAN 2. Would there be a workaround? I could test it on LAN 1 tomorrow morning when it won’t disturb anyone.
Reply
Reply
W
wrecker77
03-14-2025, 09:38 AM #7

I cleaned up and began again on the Dell using LAN 2 on the USG for testing so no one gets cut off. VLANs 13 and 24 are functioning properly, even with the camera switch. The only issue seems to be the .1 subnet, which I suspect is due to it being on LAN 1 instead of LAN 2. Would there be a workaround? I could test it on LAN 1 tomorrow morning when it won’t disturb anyone.

Reply
Reply
E
EmissaryZ
Member
Find
112
03-14-2025, 09:39 AM
#8
I’m not very experienced with LAN2 on the USG, but it seems you're correct—the two LAN ports function separately and may support different subnets within VLAN1 and across all VLANs.
Reply
Reply
E
EmissaryZ
03-14-2025, 09:39 AM #8

I’m not very experienced with LAN2 on the USG, but it seems you're correct—the two LAN ports function separately and may support different subnets within VLAN1 and across all VLANs.

Reply
Reply
Z
zGuildsPvP_
Junior Member
Find
1
03-14-2025, 09:39 AM
#9
I returned to LAN1 to check the core network functionality, which is the standard created by USG. I believe this limits my issues to VLAN 1. That default network should indeed be VLAN 1? Edit: here’s the revised configuration Core(config)# do sh run no spanning-tree vlan database vlan 13,17,20,24 exit voice vlan oui-table add 000181 Nortel__________________ voice vlan oui-table add 0001e3 Siemens_AG_phone_____________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 001049 Shoretel________________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00907a Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ iscsi target port 860 address 0.0.0.0 iscsi target port 3260 address 0.0.0.0 iscsi target port 9876 address 0.0.0.0 iscsi target port 20002 address 0.0.0.0 iscsi target port 20003 address 0.0.0.0 iscsi target port 25555 address 0.0.0.0 hostname Core ! interface vlan 1 ip address 10.0.1.100 255.255.255.0 ! interface vlan 13 name **** ! interface vlan 17 name **** ! interface vlan 20 name **** ! interface vlan 24 name LAN ! interface gigabitethernet1/0/3 description MainAP switchport mode trunk ! interface gigabitethernet1/0/5 description MainAP switchport mode trunk ! interface gigabitethernet1/0/7 description SouthAP switchport mode trunk ! interface gigabitethernet1/0/9 description CAMs switchport mode trunk ! interface gigabitethernet1/0/11 description CK ! interface gigabitethernet1/0/13 description Lore ! interface gigabitethernet1/0/15 description Data ! interface gigabitethernet1/0/17 description Printer ! interface gigabitethernet1/0/18 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/19 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/20 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/21 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/22 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/23 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/24 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/25 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/26 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/27 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/28 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/29 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/30 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/31 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/32 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/33 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/34 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/35 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/36 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/37 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/38 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/39 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/40 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/41 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/42 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/43 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/44 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/45 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/46 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/47 description Uplink switchport mode trunk ! interface gigabitethernet1/0/48 description Uplink switchport mode trunk ! Default settings: Service tag: 973CVS1 SW version 4.1.0.12 (date 22-Jul-2013 time 16:32:43) Gigabit Ethernet Ports ============================= no shutdown speed 1000 duplex full negotiation flow-control on mdix auto no back-pressure interface vlan 1 interface port-channel 1 - 32 spanning-tree spanning-tree mode RSTP qos basic qos trust cos eee enable
Reply
Reply
Z
zGuildsPvP_
03-14-2025, 09:39 AM #9

I returned to LAN1 to check the core network functionality, which is the standard created by USG. I believe this limits my issues to VLAN 1. That default network should indeed be VLAN 1? Edit: here’s the revised configuration Core(config)# do sh run no spanning-tree vlan database vlan 13,17,20,24 exit voice vlan oui-table add 000181 Nortel__________________ voice vlan oui-table add 0001e3 Siemens_AG_phone_____________ voice vlan oui-table add 00036b Cisco_phone_____________ voice vlan oui-table add 00096e Avaya___________________ voice vlan oui-table add 000fe2 H3C_Aolynk______________ voice vlan oui-table add 001049 Shoretel________________ voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone voice vlan oui-table add 00907a Polycom/Veritel_phone___ voice vlan oui-table add 00e0bb 3Com_phone______________ iscsi target port 860 address 0.0.0.0 iscsi target port 3260 address 0.0.0.0 iscsi target port 9876 address 0.0.0.0 iscsi target port 20002 address 0.0.0.0 iscsi target port 20003 address 0.0.0.0 iscsi target port 25555 address 0.0.0.0 hostname Core ! interface vlan 1 ip address 10.0.1.100 255.255.255.0 ! interface vlan 13 name **** ! interface vlan 17 name **** ! interface vlan 20 name **** ! interface vlan 24 name LAN ! interface gigabitethernet1/0/3 description MainAP switchport mode trunk ! interface gigabitethernet1/0/5 description MainAP switchport mode trunk ! interface gigabitethernet1/0/7 description SouthAP switchport mode trunk ! interface gigabitethernet1/0/9 description CAMs switchport mode trunk ! interface gigabitethernet1/0/11 description CK ! interface gigabitethernet1/0/13 description Lore ! interface gigabitethernet1/0/15 description Data ! interface gigabitethernet1/0/17 description Printer ! interface gigabitethernet1/0/18 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/19 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/20 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/21 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/22 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/23 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/24 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/25 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/26 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/27 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/28 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/29 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/30 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/31 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/32 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/33 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/34 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/35 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/36 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/37 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/38 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/39 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/40 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/41 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/42 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/43 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/44 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/45 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/46 description LAN switchport access vlan 24 ! interface gigabitethernet1/0/47 description Uplink switchport mode trunk ! interface gigabitethernet1/0/48 description Uplink switchport mode trunk ! Default settings: Service tag: 973CVS1 SW version 4.1.0.12 (date 22-Jul-2013 time 16:32:43) Gigabit Ethernet Ports ============================= no shutdown speed 1000 duplex full negotiation flow-control on mdix auto no back-pressure interface vlan 1 interface port-channel 1 - 32 spanning-tree spanning-tree mode RSTP qos basic qos trust cos eee enable

Reply
Reply
B
Benjamin_Steve
Junior Member
Find
4
03-14-2025, 09:39 AM
#10
In a router or switch that understands VLANs, it’s typical to assume all packets without a VLAN tag belong to VLAN1 by default. Removing the VLAN header from VLAN1 traffic as it exits is convenient for hardware and software. Assigning a port to “access,” “trunk native,” “untag,” or “PVID” simply switches how inbound/outbound traffic is translated for that port, changing its VLAN assignment from VLAN1 to another. The default network in Unifi doesn’t include a VLAN setting. At the programming level, the USG will internally use VLAN1 unless explicitly told otherwise. Packets from VLAN1 won’t carry a VLAN header when exiting the LAN1 port. Unifi doesn’t provide a way to specify which VLAN handles untagged traffic. Avoid setting “1” as the VLAN number for the network; although there are valid cases for sending traffic as tagged VLAN1, Unifi won’t function correctly even if it permits it. When packets reach the switch, assuming a trunk port without a “trunk native vlan” designation, they’re treated as VLAN1. In short, ports 47 and above have a hidden “switchport trunk native vlan 1” setting. Thus, connecting the USG LAN1 to ports 47 or 48 should allow access from VLAN1 ports such as 11 through 17.
Reply
Reply
B
Benjamin_Steve
03-14-2025, 09:39 AM #10

In a router or switch that understands VLANs, it’s typical to assume all packets without a VLAN tag belong to VLAN1 by default. Removing the VLAN header from VLAN1 traffic as it exits is convenient for hardware and software. Assigning a port to “access,” “trunk native,” “untag,” or “PVID” simply switches how inbound/outbound traffic is translated for that port, changing its VLAN assignment from VLAN1 to another. The default network in Unifi doesn’t include a VLAN setting. At the programming level, the USG will internally use VLAN1 unless explicitly told otherwise. Packets from VLAN1 won’t carry a VLAN header when exiting the LAN1 port. Unifi doesn’t provide a way to specify which VLAN handles untagged traffic. Avoid setting “1” as the VLAN number for the network; although there are valid cases for sending traffic as tagged VLAN1, Unifi won’t function correctly even if it permits it. When packets reach the switch, assuming a trunk port without a “trunk native vlan” designation, they’re treated as VLAN1. In short, ports 47 and above have a hidden “switchport trunk native vlan 1” setting. Thus, connecting the USG LAN1 to ports 47 or 48 should allow access from VLAN1 ports such as 11 through 17.

Reply
Reply