Cannot ping a server. Wan over vlan on Cisco/Linksys switch

by K.Madura   Last Updated January 24, 2018 10:00 AM

I have an old, but mostly unused Cisco/Linksys slm224g4s switch and Mikrotik B2011UiAS-RM router. On a switch I've configured three vlans, two for WAN1 (id:3) and WAN2 (id:4) and third for LAN (id:2).

My current port configuration

port number - designation - port2vlan - port setting pvid
1 - WAN1 input - 2 excl, 3 excl, 4 untagged - 4
2 - WAN2 input - 2 excl, 3 untagged, 4 excl - 3
3-12 servers - 2 tagged, 3 tagged, 4 tagged - 2
13 - WAN1 to router - 2 excl, 3 excl, 4 untagged - 4
14 - WAN2 to router - 2 excl, 3 untagged, 4 excl - 3
15-24 servers - 2 tagged, 3 tagged, 4 tagged - 2
G1 - LAN from router - 2 untagged, 3 excl, 4 excl - 2
G2-G4 servers - 2 tagged, 3 tagged, 4 tagged - 2

Configuration in admin panel: http://s3.fmdx.pl/public/cisco/

Mikrotik router combines these two WAN connections from two ISPs to make more reliable internet connection and works as a router for the whole company.

We have two, 8 IP addresses blocks from both ISPs, router takes only one IP from each ISP to provide internet access. Remaining IP addresses are used for company servers (files, erp, testing/dev servers, etc..). Mtu is 1500 everywhere.

/etc/network/interfaces configuration looks like this on a temporary server:

# LAN
auto enp1s0.2
iface enp1s0.2 inet static
        address 10.1.4.10
        gateway 10.1.0.1
        netmask 255.255.252.0
        dns-nameservers 10.1.0.1
        vlan-raw-device enp1s0
        mtu 1500

# Netia
allow-hotplug enp1s0.3
iface enp1s0.3 inet static
        address 192.168.0.72
        gateway 192.168.0.65
        netmask 255.255.255.240
        dns-nameservers 8.8.8.8 8.8.4.4
        vlan-raw-device enp1s0
        mtu 1500

# Connected
allow-hotplug enp1s0.4
iface enp1s0.4 inet static
        address 192.168.1.168
        gateway 192.168.1.161
        netmask 255.255.255.240
        dns-nameservers 8.8.8.8 8.8.4.4
        vlan-raw-device enp1s0
        mtu 1500
  • WAN IP addresses in this example are not real.

Vlan package is installed, 8021q module is on, first vlan interface (LAN) works just fine, I can ping anything through that interface.

Unfortunately I cannot ping anything using second and third vlan interface, also the server is not accessible from the internet.

ifup enp1s0.3 or enp1s0.4 returns

Set name-type for VLAN subsystem. Should be visible in /proc/net/vlan/config
RTNETLINK answers: File exists
ifup: failed to bring up enp1s0.3

ifdown enp1s0.3 or enp1s0.4

ifdown: interface enp1s0.3 not configured

What am I missing?



Related Questions




cisco asa 5512-x policing

Updated April 30, 2015 21:00 PM