FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
120 views 1 comments
by anonymous

I have a RUTXR1 with two VLANs - each on a separate physical port.

Devices in VLAN1 administer devices (access via ssh and webui) devices in VLAN2. There is a static route setup in the RUT as: 

Screen Shot 2022-12-31 at 11.09.53 AM.png (1525×199)

This has all worked fine for several months.

Suddenly (without any changes to router) Windows devices in VLAN1 cannot access VLAN2 devices. Ping times out, traceroute times out. There is no route in the Windows or Linux devices routing tables that show 10.0.2.0 -> 10.0.2.254 as I would have expected. Linux devices on VLAN1 are able to ping and SSH devices in VLAN2.

Complication:

I use zerotier (client running on RUT) to remotely access this RUT and its network. I can still access both VLAN1 & 2 remotely by directly entering IP addresses on my "home" ZT-connected PC. The Zerotier network is configured to forward 10.0.1.0 -> 10.0.1.254 and 10.0.2.0 -> 10.0.2.254.

So this means that my request arrives correctly at the router's ZT interface, and is correctly forwarded to the VLAN2.

Am I correct in expecting the IP routing tables on the devices in VLAN1 to list 10.0.2.0 -> 10.0.2.254, since this is defined in the router as a static route?

Are there any other suggestions on how to resolve this strange issue? I'm suspecting it is some glitch with the router to do with the routing. The router has been power cycled several times. What is the correct way to force the routing to be refreshed?

by anonymous

Somehow this boiled down to a restart of Windows machine (a risk previously avoided on a remote unmanned site).

However, running tracert to a VLAN2 device, it appears that it is only successful due to the zerotier forwarding. (ie the traffic is going via the zerotier interface (192.168.191.7) in order to get to another subnet on the same router!)

How can I configure the router to correctly forward/route traffic from one VLAN to another locally, without relying on the managed route I happen to have Zerotier configured for.

1 Answer

0 votes
by anonymous

Hi,

Could you please ensure that the firewall zones are correctly configured? Take a look HERE. If the firewall settings seem fine, then please provide a troubleshoot file from System -> Administration -> Troubleshoot. You can attach this file to the question or send it to me via private message.

Kind Regards,

Andzej