Struggling to configure VLAN properly (LANCOM, no internet)

Question

I'm currently trying to configure several port-based VLANs for guest rooms, but I'm either not getting any network connection or no internet access depending on what I configure.

There are several switches connected to each other, a router and a DNS/DHCP Server separately. The configuration is as follows with pastebin links to the exported config files:

• 1 LANCOM switch where all devices that should be in their respective VLANs are connected (Ports 1-4 in VLAN 10, Ports 5-12 in VLAN 20, Ports 13-16 in VLAN 30 and Ports 17-20 in VLAN 40). I configured the VLANs in the LANCOM webconfig and assigned them to their respective ports, as well as disallowing the default VLAN 1 from them. I have an ethernet connection from Port 24 to the next switch and all VLANs (1, 10, 20, 30, 40) are allowed on that port. The following configuration does not show that, but I tried to add the PVIDs to the respective ports as well and that didn't work either: https://pastebin.com/GC1Jp6GH

• 1 LANCOM switch where other devices are connected that all should stay in VLAN 1. I allowed all VLANs on the ingress port which is connected to the switch above. This switch also has an ethernet connection to the next switch on another floor, where all VLANs are also allowed: https://pastebin.com/cWeKXTU7

• 1 LANCOM switch on the floor below with basically the same configuration as the last one, also with other devices and another ethernet connection to the "master" switch. All respective ingress and egress ports that connect the switches allow all VLANs: https://pastebin.com/U32C7LNZ

• 1 LANCOM "master" switch which has ethernet connections to the last switch, the router and the DNS/DHCP server. All 3 ports allow all VLANs: https://pastebin.com/zcaTp6Cp

• 1 LANCOM router where all VLANs are registered: https://pastebin.com/R3UDiVUK

I also configured DHCP Address Pools for each VLAN and Reverse DNS Zones for each VLAN so that the DNS Server can be reached.

With no additional configuration, I can't get VLAN devices to identify the network at all. If I register the PVID in the first switch for each port, the network gets identified as "Network 2" with no internet connection. If I configure DHCP Relay on all Switches (with both the gateway ip address as well as the ip address of the DHCP Server) without PVID, the network gets correctly identified, but I don't get any internet connection as well.

It's been some years that I learned all this network stuff and I haven't actively been working in that field for a while now, so please be gentle with me if I missed something completely obvious. Any help and/or explanation would be greatly appreciated!

Answer 1

Here are some basic configuration requirements:

Each VLAN interface on your router must be in a unique subnet. They can not overlap. The interface address will be the default gateway for devices in that VLAN.

Each port on your switch can have only one untagged VLAN. If you want your PC to be on VLAN 10, then VLAN 10 must be untagged on that port. PCs will ignore tagged VLANS.

If your router is connected to your switch(es) via a single physical connection, then that port on the switch must have all VLANs enabled on it.

If you've done all this and things still don't work, then we will need to see your router and switch configurations (in text format).