Balance as a switch

unbrdn · August 22, 2017, 12:45pm

I currently have two Balance 580s, one of which is the gateway on my current network and then a spare. I’d like to put the spare 580 within my network as a segregated network. Is this possible? and what would be the easiest way to accomplish this?

Would it be as simple as setting one of the physical ethernet ports to lan interface, then setup one of the wan ports to the desired static ip and define the gateway as default gateway and then plugging in the wan to the lan?

MartinLangmaid · August 23, 2017, 8:57am

Pretty much yes. The Balance 580 only has a single LAN port, so you’d plug the wan of the 2nd balance 580 into the switch that is connected to the LAN port of the gateway 580, then you’d have a segregated network on the LAN of the 2nd balance which the devices on the LAN of your gateway would not be able to route to because of NAT on the second balance.

unbrdn · August 29, 2017, 9:22am

Martin,
Thank you for the reply. So I plugged my second 580 into a port on my switch and can see that it’s connected and it’s been assigned an IP, but I’m not getting any internet connection on the second peplink. Is there something I’m missing? I’ve tried setting the wan port to static and assigning it an IP from the first network and pointing to the first peplink’s IP as the gateway and no dice, as well as just setting that wan port to DHCP, but still no connection. The second 580 does assign IPs to any devices connected to it, but like I mentioned no internet connection. thanks again

MartinLangmaid · August 29, 2017, 1:14pm

Is the LAN subnet of the 2nd Balance the same as the first (ie 192.168.1.x) if so they need to be different.

ON a device connected to the 2nd 580 can you ping the LAN IP address of the 1st balance?

unbrdn · August 29, 2017, 1:56pm

Martin,

The subnet of the 2nd balance is different, as well I am able to ping the 1st balance.

MartinLangmaid · August 29, 2017, 2:20pm

Ok. So assuming the 2nd balance has NAT enabled on the WAN (which is the default) rather than IP forwarding, the only likely thing that might be affecting internet access would be DNS resolution.

On a device connected to the LAN of the 2nd balance what happens if you ping a URL like www.bbc.co.uk does it resolve the URL to an IP address?

Can you ping 212.58.246.93 from a device on the LAN of the 2nd balance?

unbrdn · August 29, 2017, 2:45pm

I was unable to ping an external IP from a device on the 2nd balance.

MartinLangmaid · August 29, 2017, 2:57pm

If you login to the 2nd balance web ui and goto System > Tools | Ping can you ping an external IP with the connected WAN link selected?

unbrdn · August 29, 2017, 3:25pm

I was able to ping from there

PING 8.8.8.8 (8.8.8.8) from 10.10.10.69 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_req=1 ttl=58 time=3.59 ms
64 bytes from 8.8.8.8: icmp_req=2 ttl=58 time=3.62 ms
64 bytes from 8.8.8.8: icmp_req=3 ttl=58 time=3.65 ms
64 bytes from 8.8.8.8: icmp_req=4 ttl=58 time=3.54 ms
64 bytes from 8.8.8.8: icmp_req=5 ttl=58 time=10.1 ms

— 8.8.8.8 ping statistics —
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 3.545/4.905/10.106/2.601 ms

501e · August 29, 2017, 5:53pm

Seems like a routing issue. Have you tried to run a traceroute from the device connected on the 2nd balance?
What’s the ip config of the device?

unbrdn · August 30, 2017, 11:59am

A Traceroute to the external IP on within my network?

unbrdn · September 1, 2017, 1:06pm

Here is the IP config of the device:

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::2c27:317:b187:9426%10
   IPv4 Address. . . . . . . . . . . : 192.168.1.10
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.10.10.2
                                       192.168.1.1

unbrdn · September 1, 2017, 1:07pm

Martin,

Thanks for your help thus far, do you have any further ideas?

MartinLangmaid · September 1, 2017, 1:37pm

Where has that 10.10.10.2 IP come from? a lan device should only ever have a single gateway.
This is how your network (and devices connected to it) should look like.

MartinLangmaid · September 1, 2017, 1:37pm

With your own IP addressing in place of my example subnets in the diagram.

unbrdn · September 1, 2017, 2:30pm

Martin,

Thanks for the reply. Oddly enough I’m not sure why 2 gateways were visible, nor can I replicate it again when running ipconfig. the 10.10.10.2 is the 580 GW, but now when i’m running ipconfig it’s showing the 580 #2’s @ 192.168.1.1 but still no access to the internet.

MartinLangmaid · September 1, 2017, 2:52pm

OK. So you just need to go step by step through the routing path and make sure each step is configured properly to work out where the config error is.

Assuming a device (A) connected to the LAN of the B580 #1 in the gateway role can access the internet:

Check the WAN configuration on the B580 #2 device and confirm the gateway and DNS settings there are the same as Device A
on the web ui go to the ping tool and confirm you can ping a url (eg www.bbc.co.uk) and an external IP (eg 8.8.8.8)
assuming you can, plug in a device (B) in to B580 #2 LAN and confirm you can ping the LAN address of both B580s.
if you can check for internet access - if that works go eat cake and be merry.
if you can’t ping the LAN IPs of both the B580s then check the device B IP addressing and make sure it has an IP in the same LAN subnet of B580 #2 and that the LAN IP of B380 #2 is the gateway IP of device B