I have a client that wanted 3 VLANs for internal political reasons. 192.168.45.x is the shared/management network that houses the domain controller/file server and network printer, 192.168.46.x is one half of the building, and 192.168.47.x is the other half of the building.
I have one 1920 16port switch with the 3 VLANs set up and configured in the main building and everything works fine. The Untangle Firewall handles the traffic between the two VLANs preventing traffic from crossing from 46.x to 47.x and vice versa. Both the 46.x and 47.x networks can access 45.x and vice versa which is how the client wants it.
The issue I have is that the other building houses the domain controller as well as a few other workstations. I have it set to port 16 on the main switch goes to port 16 on the second switch. The only combination that I have found that allows traffic is to set both port 16's to Untagged VLAN 1 (45.x), Tagged 46-47, Hybrid, PVID 1. When it is set to that, the entire second switch will generate 45.x addresses. If I try and give a workstation a 47.x address like I did on switch 1 [Untagged 1,47; Hybrid; PVID 47] all I get is a 169.x address. So clearly the tagged packets are not passing from switch 1 to switch 2 and vice versa. Both switches are configured exactly the same as far as the VLANs, etc. I'm clearly missing something straightforward and obvious, but I'm not seeing it.
Untangle Firewall/Default Gateway - 192.168.45.1
Switch 1
Static IP - 192.168.45.2
VLAN's 1, 46, 47
VLAN Interface 192.168.45.2, 192.168.46.2, 192.168.47.2
DHCP Relay, Server Group 1-192.168.45.1, 2-192.168.46.1, 3-192.168.47.1
vlan-interface1-disabled, vlan-interface2-enabled -> Server Group2, vlan-interface3 -> Server Group3
Ports for 47.x addresses set to Untagged 1,47, Tagged - blank, Hybrid, PVID 47
Ports for 46.x addresses set to Untagged 1,46, Tagged - blank, Hybrid, PVID 46
Ports for 45.x addresses set to Untagged 1, Tagged - blank, Access, PVID 1
Port 16 to Switch 2, Port 16 set to Untagged 1, Tagged 46-47, Hybrid, PVID 1
Switch 2
Static IP - 192.168.45.3
VLAN's 1, 46, 47
VLAN Interface 192.168.45.3, 192.168.46.3, 192.168.47.3
DHCP Relay, Server Group 1-192.168.45.1, 2-192.168.46.1, 3-192.168.47.1
vlan-interface1-disabled, vlan-interface2-enabled -> Server Group2, vlan-interface3 -> Server Group3
Ports for 47.x addresses set to Untagged 1,47, Tagged - blank, Hybrid, PVID 47
Ports for 46.x addresses set to Untagged 1,46, Tagged - blank, Hybrid, PVID 46
Ports for 45.x addresses set to Untagged 1, Tagged - blank, Access, PVID 1
Port 16 to Switch 1, Port 16 set to Untagged 1, Tagged 46-47, Hybrid, PVID 1
Thanks
-Jon