setting up a VLAN, VLAN PC has Internet access but cannot ping each other within VLAN
in Discussions
Hello All, I am new to VLAN's and I know I'm close. Ultimately, I want to have 2 different networks that do not talk to each other, but do want them to talk within their own network and have internet access.
Current setup regular network setup on a SonicWall Firewall with a 192.168.111.x on the first interface
I setup a VLAN with an ID of 20 (VLAN20) of which contains 2 computers 192.168.20.68 and 192.168.20.169.
Currently I can ping the internet that's OK
I can ping the 192.168.111.X network That's NOT OK
I cannot ping within my 192.168.20.x any devices That's Not OK
I have my setup below maybe someone can see a problem?

NEXT Screen

Next Slide

Current setup regular network setup on a SonicWall Firewall with a 192.168.111.x on the first interface
I setup a VLAN with an ID of 20 (VLAN20) of which contains 2 computers 192.168.20.68 and 192.168.20.169.
Currently I can ping the internet that's OK
I can ping the 192.168.111.X network That's NOT OK
I cannot ping within my 192.168.20.x any devices That's Not OK
I have my setup below maybe someone can see a problem?

NEXT Screen

Next Slide

Accepted Solution
-
Zyxel_Lucious Moderator, Member Posts: 236
Master Member
@Avanti
We recommend GS1920v2 series which is our web-smart managed model can support ACL.
https://www.zyxel.com/products_services/8-24-48-port-GbE-Smart-Managed-Switch-GS1920-Series/
Zyxel_Lucious
Sign In to comment.
All Replies
I can Ping the internet - That's Good
I can Ping other PC's within my VLAN - That's Good
PROBLEM LEFT
How do I block my 192.168.111.x network from communication to 192.168.20.x Network and visa versa??
should VLANS by default block communications between Networks?
here was my change I tagged my TRUNK.
Welcome to Zyxel community.
Your GS1900's VLAN setting now is basically correct for L2 forwarding.
As for your remaining issue:
1) ACL on switch, unfortunately GS1900 series is rather entry level model without ACL feature.
2) Policy route on router, so you may have to configure policy route rule to forbid specific communication between 192.168.111.x and 192.168.20.x on your SonicWall Firewall.
Hopefully it helps.
Zyxel_Lucious
Thanks
Avanti