3.1. Routing between LANs and to the Internet
3.1.2
Testing
PCs g7 and g19 could ping devices on their own VLAN. Each could ping the VLAN gateway addresses
192.168.14.1
and
192.168.8.1
. Each PC running the Firefox web browser could brows the Inter-
net.
The D-Link devices used as the wireless extender and Internet router are setup not to respond to pings
from any address other than those coming from their home network, in this case
192.168.8.0
.
3.1.3
Removing Internet access
For the network of Figure 3.1 and using the configuration process described, there are two ways of
removing Internet access from both VLAN networks. One method would be not to provide a default
gateway when configuring the routing VLANs. The alterate was to remove, or turn off the default
gateway. This was done using the switch menu sequence:
Routing
→
Routing table
which produced the
Route Configuration
display. Under the
Configure Routes
heading the
DefaultGateway
was shown. By clicking the small square box on the left of this
DefaultGateway
, a
tick appeared in that square box and the entry was colour highlighted. By clicking the
DELETE
button at
the bottom of the screen, the entry, together with the default gateway was removed. No members from
VLANs could then access the Internet.
The alternate, but more drastic, method method is to remove the wireless range extender from VLAN
22 of the network of Figure 3.1. This removed the wireless network from being accessed by the switch.
This was done by removing VLAN 22, since individual ports cannot be removed from a VLAN. The
switch menu sequence:
Switching
→
VLAN
produced the
VLAN Configuration
screen which listed all VLANs on the switch. The square box
next to VLAN 22 was clicked and the
DELETE
button at the bottom of the screen clicked. VLAN 22
disappeared. It was then necessary to reconfigured VLAN 22 as a routing VLAN with members as
before, minus port 23 which contained the wireless extender. This would be done using the switch
menu sequence:
Routing
→
VLAN
→
VLAN Routing Wizard
as above.
3.1.4
Important to note from this example
•
The gateway address set into the configuration of each device on a routing VLAN must match the
gateway address assigned to the VLAN in which it is set in the switch.
•
The network mask of each device on a routing VLAN must be the same as the network mask on
the routing VLAN’s gateway.
•
Any network activity on routing VLANs is seen by all routing VLANs on the switch.
•
Every device on each VLAN is accessible by any other device on any VLAN.
•
The network mask on each device must be set the same, for example to
255.255.255.0
.
This is
ignored by all references seen.
22
