Hi
I've set up my ERX with eth0 as WAN (currently just acquiring DHCP from my internal network but will later be connected direct to my modem) and switch0 with all remaining ports eth1-4, ip address 10.1.0.1 and DHCP (using the basic setup wizard).
What I was looking to do was set up VLANs on the various ports so that I could seperate some of my physically connected devices from others, and also create a guest network via wifi AP which is separated from all of the wired network.
To test I have set up vlan 3, given it IP 10.3.0.1 and created a DHCP server for the 10.3.0.0 range. Then on switch0 I've set eth3 to pvid 3. Connecting my chromebook I get a 10.3.0.x IP, but cannot then ping anything outside of that range or the rest of my network / the internet. Putting it into any other port gives a 10.1.0.x IP and internet connection. I can also then ping the 10.3.0.1 gateway, but not anything inside of that.
I have to admit I'm not sure where to go from here. I'd assumed that I'd need to set firewall rules to lock down access to the vlans rather than find no access out of them. What am I missing here? Do I need to create a static route/NAT and if so what form should that take? Or am I going about this the wrong way?
Any help and pointers would be gratefully received!
