Router can ping google but firewall and PC's can't - networking

We have a few problems trying to set up a network; we will try to explain what we have.
These are the devices that we have:
-ISP #1 modem
-ISP #2 modem
-Cisco Router 4331
-Cisco Firewall 5508
-Some switches
-An internal DNS Server and a few PC’s
Network topology
You can see the network diagram (the diagram is just to illustrate the topology).
Actual status
-The ISP #1 modem and the ISP #2 modem assign DHCP as shown in the images
-The Router can ping the ISP #1 modem and the ISP #2 modem
-The Router can ping google.com through the ISP #1 modem and through the ISP #2 modem
-The Firewall can’t ping any ISP modem or google.com
-The PCs can’t ping any ISP modem or google.com
-This link contains a shared folder with attached files (https://1drv.ms/f/s!AqkJyrRRfKHigetLlyGFtQ8RX_RpKg)
Edit:
Everything was solved by deleting the default network option!

Are you sure the firewall has the default gateway set to the router (192.168.4.247)?
It looks like PCs have the firewall as default gateway, which is correct. Also, the router has default routes as part of the DHCP negotiation with ISP#1 and ISP#2 modems. But nothing shows that the firewall knows where to send non-local packets.
Hope it helps!

Related

Can't route VLAN with UCOPIA

I'm writing to you because I can't solve a problem with a client.
My client has an infrastructure with the following characteristics:
2 ISP routers
1 fortigate firewall
1 dedicated router that broadcasts a UCOPIA US250 guest portal
65 Zyxel switches (1900 - 24) and one 4600 switch (4x 24 ports for the core network)
250 WIFI LIGOWAVE NFT terminals
80 VLANs
I do not manage the first 3 pieces of equipment; another provider does.
Today, I have to pass the VLAN dedicated to the guests.
The other provider has set up the FORTIGATE to broadcast the DHCP and the associated VLAN on the DMZ port to the OUT port of the UCOPIA.
I have to broadcast VLAN 420 from the IN port to the ZYXEL switch and to the LIGOWAVE terminals.
However, when I am connected to the UCOPIA on the IN port, I manage to get the desired IP and to reach the portal, but when I test on the ZYXEL switch, it is impossible to get the dedicated VLAN.
I put myself on another port of the ZYXEL and tagged the VLAN in question. I modified the VLAN ID on my computer; with DHCP, that does not work. I tried to use a static IP but still nothing. I can't even ping the gateway.
The ZYXEL port to which the UCOPIA is connected is TAGGED on the dedicated VLAN. I have also tried Untagged and excluding all the other VLANs but it is impossible to get this network.
Do you have any other ideas for me?
Here, you can see my network diagram:
MyNetwork
I resolved my problem.
I configured the switch like this:
Untagged dedicated VLAN
But I forgot to change the PVID VLAN.
I changed it and that works!
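
The failure described in this thread, modelled as an added example (not code from the original post): on an 802.1Q switch, untagged membership only controls how frames leave a port, while the PVID decides which VLAN untagged frames entering the port are placed in. The port names, the default PVID of 1 and enabled ingress filtering are assumptions; VLAN 420 is the guest VLAN from the question.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    name: str
    pvid: int = 1                               # VLAN given to untagged frames on ingress
    untagged: set = field(default_factory=set)  # VLANs sent out without a tag
    tagged: set = field(default_factory=set)    # VLANs sent out with an 802.1Q tag

def ingress_vlan(port, frame_tag=None):
    """VLAN a received frame is classified into, or None if ingress filtering drops it."""
    vlan = port.pvid if frame_tag is None else frame_tag
    return vlan if vlan in (port.untagged | port.tagged) else None

def egress_form(port, vlan):
    """How a frame in `vlan` leaves the port: 'untagged', 'tagged' or None (not sent)."""
    if vlan in port.untagged:
        return "untagged"
    if vlan in port.tagged:
        return "tagged"
    return None

def client_reaches(client_port, uplink_port, vlan):
    """True if an untagged client frame lands in `vlan` and is forwarded out the uplink."""
    return (ingress_vlan(client_port) == vlan
            and egress_form(uplink_port, vlan) is not None)

def pvid_mismatches(ports):
    """Audit check: ports whose PVID is not one of their untagged VLANs."""
    return [p.name for p in ports if p.untagged and p.pvid not in p.untagged]

GUEST = 420
# Constructed port table: uplink towards the UCOPIA IN port, tagged on the guest VLAN.
uplink = Port("to-ucopia-in", pvid=1, untagged={1}, tagged={GUEST})
broken = Port("test-port", pvid=1, untagged={GUEST})      # PVID left at its default
fixed = Port("test-port", pvid=GUEST, untagged={GUEST})   # PVID changed to match

if __name__ == "__main__":
    for label, port in (("before", broken), ("after", fixed)):
        print(label,
              "| replies leave port:", egress_form(port, GUEST),
              "| client DHCP request reaches VLAN 420:",
              client_reaches(port, uplink, GUEST))
    print("ports to review:", pvid_mismatches([uplink, broken]))
```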

WDS Router doesn't forward DHCP packets

Recently I have followed this link to setup a wireless router into an access point in my home.
Our current network components are as follows:
Main router (192.168.1.1): a Sercomm router configured by the ISP, with DHCP enabled for address 192.168.1.30 onwards.
AP router (192.168.1.2): a TP-Link WD8970 router on the bridge mode, with WDS turned on (on the same SSID, mode and channel as the main router) and DHCP turned off. However, this AP is configured to broadcast a different SSID to indicate a different storey.
Devices (182.168.1.xx): desktop or mobile clients that could connect to both SSIDs.
(click here for the topology image)
The problem is that:
Most of the time, devices connected to the AP router's SSID are given 169.254.x.x IP addresses and cannot reach the internet
Devices that are configured with a dynamic IP and connected to the main router's SSID can reach only devices connected to the main router's SSID
Devices that are configured with a static IP and connected to the AP router's SSID can reach both routers (the main router at 192.168.1.1 and the AP router at 192.168.1.2, respectively)
DHCP packets are not forwarded from the main router (192.168.1.1) to the AP router (192.168.1.2), while other types of packets can flow through
How would you advise configuring this home network differently, to make it more stable and usable?
I had the same issues in past days. I fixed it by checking the flag "DHCP RELAY". As soon as I checked it, all went fine. All devices connected to the wireless router have received an IP address from the DHCP server.
https://www.tp-link.com/us/support/faq/1630/ (the real configuration page on the Archer D7 is slightly different from what is stated in the link).
This was my network: I have a small USB-powered 4G modem/router connected to the internet. I wanted to share the internet with several devices located far from the 4G modem/router, so I decided to extend the coverage by means of a TP-LINK Archer D7 ADSL modem/router used as a WiFi access point. I connected the 4G modem to the AP through WDS. The PCs and printers connected to the Archer D7 (AP) were fine; security camera, smartphones etc. got no IP from DHCP. After setting DHCP RELAY everything went fine.
Most of the time, devices connected to AP router's SSID is given 169.254.x.x IP addresses and could not reach the internet
This issue has to do with the WDS connection and poor connection from the AP to the main router. As a wifi expert (ok, expired CWNA) it's never a good idea to use WiFi extenders or WDS in your case. It increases interference, adds an extra hop, and rarely helps. While it's easy to think of these as a signal booster, the wifi network protocol isn't set up for these types of connections. Only some commercial APs with parabolic antennas can truly benefit from wifi extenders.
Test with a cable connected from the main router to the AP and use the interfaces instead of wifi. It's possible you have DHCP issues with your wifi issue so first test with static IPs.
If this works then you should leave the cable in place. Understandably this isn't always possible so replacing your main router with a quality wifi router would be my 2nd choice. Sorry I don't know any good consumer grade APs but they are out there.

Accessing connected devices to a local network wirelessly

Hello Everyone!
I want to know whether there is any way to access a photocopier machine which is connected to a computer through an Ethernet wire, where that computer is connected to my WiFi network?
P.S: What if I don't know the IP assigned to that Photocopier machine?
If the wireless network is part of the wired network you should have any problem reaching the photocopier.
If you don't know the IP address, you can reach it by host name if the DHCP and DNS are working properly. If you are on an Active Directory infrastructure and DHCP and DNS are integrated it should be transparent.
If you are on your home with a "home" router they usually do the hostname to IP resolve (DNS).
You can run nslookup hostname on your machine to see if your DNS is resolving the IP address. You can also ping hostname or ping ip address to test that you can reach the desired host. Some hosts block ping (ICMP) requests; please note that ping not responding is not a definitive solution.
Please note that in your home router you should use your router or default gateway to be the DNS also, and then add the google public DNS or your ISP.
Also when connecting the access point to an existing network you may have 2 DHCP servers providing IP addresses to hosts, you should disable DHCP on the Access Point and connect the AP to the network using the switch port and not the WAN port (the WAN port will try to do NAT and assign a different set of IP addresses).

cannot ping the main routers default gateway

Hello everyone, I am setting up a network. I have two MikroTik routers: one is the main router (mikrotik 1) and the other is the secondary router (mikrotik 2). Mikrotik 1 has a DHCP client on ether 3, taking all its information from DHCP. Both routers are connected to each other on ether 1, with the IP address 192.168.199.1/24 on mikrotik 1 and 192.168.199.2/24 on mikrotik 2. I am trying to run PPPoE on mikrotik ethernet 2, but I cannot ping mikrotik 1's default gateway, which is acting as the default gateway for the network.
I tried creating static routes and everything I know of, but it did not work.
All replies are appreciated!!
Thanks
This config always works good. And for [mikrotik2]> ping 192.168.199.1 will work too.
[mikrotik2]> ping mikrotik1_default_gateway will work only if nat enabled. Don't forget reset configuration after last test.

VLAN Subnetting Ruckus and Fortigate and Cisco

This is an easy solution, I just don't have it, so please help!
I have 6 Ruckus R500 WAP, connected into 2 Cisco SG300's, which are then connected to FortiGate 200D.
On the WAP, I have 5 SSID, one of which is set to VLAN 2.
The ports which the WAP connect to on the SG300's have VLAN 2 added to them, trunk mode.
In the FortiGate200D:
All ports are in LAN HW Switch.
IP: 10.3.7.210/255.255.252.0
DHCP 10.3.4.1-10.3.5.254
I have a VLAN sub created on the LAN, with an Id of 2.
IP: 10.3.9.1/255.255.255.0
DHCP 10.3.9.2-254
There are "auto" routes created for 10.3.9.0/24 --> 0.0.0.0
When I connect to the VLAN 2 SSID, I am unable to pull an IP. If I set static IP, I am unable to ping. Where am I messed up? Is it because my LAN HW Switch subnet does not contain 10.3.9.xxx ? What would the best way to overcome this be, perhaps change LAN HW Switch to 10.3.0.0/21?
Basically the end goal is 10.3.4.0 and 10.3.5.0 for normal connections. And then a separate subnet for VLAN2, could be 10.3.8.0 or 10.3.9.0 or whatever, even 192.168.1.0.
This was solved by Zac67. I had to correct tagging, then open up traffic to WAN and DHCP kicked in just fine. Thanks Zac67
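
The address plan from this question, checked with Python's ipaddress module as an added example (not part of the original thread). It computes the network each FortiGate interface is actually in, confirms each DHCP range sits inside it, and tests whether the proposed 10.3.0.0/21 would cover 10.3.9.x; the labels "lan" and "vlan2" and the sample client addresses are assumptions.

```python
import ipaddress as ip

# Values as posted in the question; the interface labels are assumptions.
PLAN = {
    "lan":   {"addr": "10.3.7.210/255.255.252.0", "dhcp": ("10.3.4.1", "10.3.5.254")},
    "vlan2": {"addr": "10.3.9.1/255.255.255.0",   "dhcp": ("10.3.9.2", "10.3.9.254")},
}

def network_of(addr):
    """Network an interface address/netmask pair belongs to."""
    return ip.ip_interface(addr).network

def dhcp_inside(entry):
    """True if both ends of the DHCP range are inside the interface's network."""
    net = network_of(entry["addr"])
    return all(ip.ip_address(a) in net for a in entry["dhcp"])

def overlaps(plan):
    """Pairs of interfaces whose networks overlap (a routed design wants none)."""
    names = sorted(plan)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if network_of(plan[a]["addr"]).overlaps(network_of(plan[b]["addr"]))]

def covered_by(candidate, plan):
    """Which interface networks would fall inside a candidate supernet."""
    cand = ip.ip_network(candidate)
    return {n: network_of(e["addr"]).subnet_of(cand) for n, e in plan.items()}

def owner_of(host, plan):
    """Interface whose network contains `host` (longest prefix wins), or None."""
    hits = [(network_of(e["addr"]).prefixlen, n) for n, e in plan.items()
            if ip.ip_address(host) in network_of(e["addr"])]
    return max(hits)[1] if hits else None

if __name__ == "__main__":
    for name, entry in PLAN.items():
        print(name, network_of(entry["addr"]), "DHCP range inside:", dhcp_inside(entry))
    print("overlapping interfaces:", overlaps(PLAN))
    print("inside 10.3.0.0/21:", covered_by("10.3.0.0/21", PLAN))
    for host in ("10.3.5.20", "10.3.9.50", "10.3.8.5"):   # constructed client addresses
        print(host, "->", owner_of(host, PLAN))
```

The two networks come out disjoint (10.3.4.0/22 and 10.3.9.0/24), which is what a routed VLAN sub-interface needs, and 10.3.0.0/21 ends at 10.3.7.255, so it does not contain 10.3.9.x.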
