How to access Netgear GS308T switch?

colouredhair · November 3, 2021, 1:39pm

I installed OpenWRT via the web interface of a GS308T switch but couldn't access it. Reading here I discovered this post Support for RTL838x based managed switches - #367 by slh. I added the VLAN on my computer and was then able to ssh to the switch to upgrade it but could no longer access the router via ssh or web. After deleting the VLAN from the computer I can access the router again but not the switch. Is there any way I can access them both? Do I have to create the VLAN on the router instead?
Computer -> switch -> router -> WAN is working fine without the VLAN but will I run into any problems if I connect a NAS or server to the switch? Sorry if these are silly questions but this is all still very new to me!

trendy · November 3, 2021, 1:44pm

Doesn't this solution work for you?

colouredhair · November 3, 2021, 6:40pm

Yes thanks, I missed that. I've changed the config to:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix '<previous value>'

config device 'switch'
	option name 'switch'
	option type 'bridge'
	option macaddr '<mac address>'

config bridge-vlan 'lan_vlan'
	option device 'switch'
	option vlan '1'
	option ports 'lan1 lan2 lan3 lan4 lan5 lan6 lan7 lan8'

config interface 'lan'
	option ifname 'switch.1'
	option proto 'static'
	option ipaddr '192.168.1.2'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_switch_1_dev'
        option name 'switch.1'
        option macaddr '<mac address>'

I can access the switch via ssh on 192.168.1.2 now but I can't update opkg to install luci (I'm sure I did it at some point before doing a reset). It's just giving me a lot of opkg_download: Check your network settings and connectivity.

I'm trying trying to figure it out now but if anyone has any suggestions that would be handy!

psherman · November 3, 2021, 6:56pm

You need to add the gateway and dns to the lan interface so that the device can connect out to the internet.

colouredhair · November 4, 2021, 11:14am

Unfortunately, before trying the previous suggestion, I changed the IP address in the config from 192.168.1.2 to 192.168.2.1 and now I can't access the switch at all. I've tried unplugging it and also pressing the reset button. 192.168.1.2 still shows up in the router's IPv4 neighbours.

I've tried having just the computer plugged into the first port on the switch and having the router plugged into the first port (with the computer connected to the switch or the router). I couldn't find anything with ssh, ping or nmap besides the router and computer with or without vlan 100.

Is there any way to access it without having to solder anything or will this be my first bricked device?

trendy · November 4, 2021, 12:52pm

Did you edit the config file directly or did you try to change the IP from Luci? Was that the only change you did?

bobafetthotmail · November 4, 2021, 1:22pm

I assume that by "pressing reset button" you mean you followed the procedure as here https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset#reset_button

Because it may differ from the stock firmware reset instructions

Also, did you try setting your PC's IP to 192.168.2.100 and then try to connect to it?

colouredhair · November 4, 2021, 3:02pm

I edited the file directly with vi over ssh to what it says in my previous post. That allowed me to access the switch without the vlan. Then I changed only the line option ipaddr '192.168.1.2' to option ipaddr '192.168.2.1' (again with ssh and vi) and rebooted it with reboot and haven't been able to access it since.

Yes.

Not sure if I did it right but I created a new connection with address 192.168.2.100 and netmask 24 but still couldn't find the switch.

trendy · November 4, 2021, 3:47pm

Sounds right, as long as there was no mistake in editing the network config file.
From the PC can you ping the 192.168.2.1 ? Is there an entry in the arp table? arp -a

colouredhair · November 4, 2021, 4:45pm

Here's all the combinations I've tried:

On 192.168.1 using vlan 100 with computer plugged into first port on switch:
 ssh: connect to host 192.168.1.1 port 22: No route to host
 ssh: connect to host 192.168.1.2 port 22: No route to host
 ssh: connect to host 192.168.2.1 port 22: Network is unreachable
 ping 192.168.1.1 Destination Host Unreachable
 ping 192.168.1.2 Destination Host Unreachable
 ping 192.168.2.1 Network is unreachable
 nmap -sn 192.168.1.0/24 only found computer
 nmap -sn 192.168.2.0/24 found no hosts

On 192.168.1 using vlan 100 with computer plugged into second port on switch, router plugged into first:
 ssh: connect to host 192.168.1.1 port 22: No route to host
 ssh: connect to host 192.168.1.2 port 22: No route to host
 ssh: connect to host 192.168.2.1 port 22: Network is unreachable
 ping 192.168.1.1 Destination Host Unreachable
 ping 192.168.1.2 Destination Host Unreachable
 ping 192.168.2.1 Network is unreachable
 nmap -sn 192.168.1.0/24 only found computer
 nmap -sn 192.168.2.0/24 found no hosts

On 192.168.1 using vlan 100 with computer plugged into router, router plugged into first port on switch:
 ssh: connect to host 192.168.1.1 port 22: No route to host
 ssh: connect to host 192.168.1.2 port 22: No route to host
 ssh: connect to host 192.168.2.1 port 22: Connection timed out
 ping 192.168.1.1 Destination Host Unreachable
 ping 192.168.1.2 Destination Host Unreachable
 ping 192.168.2.1 100% packet loss
 nmap -sn 192.168.1.0/24 only found computer
 nmap -sn 192.168.2.0/24 found no hosts
------------------------------
On 192.168.1 with no vlan and computer plugged into first port on switch:
 ssh: connect to host 192.168.1.1 port 22: Network is unreachable
 ssh: connect to host 192.168.1.2 port 22: Network is unreachable
 ssh: connect to host 192.168.2.1 port 22: Network is unreachable
 ping 192.168.1.1 Network is unreachable
 ping 192.168.1.2 Network is unreachable
 ping 192.168.2.1 Network is unreachable
 nmap -sn 192.168.1.0/24 found no hosts
 nmap -sn 192.168.2.0/24 found no hosts

On 192.168.1 with no vlan and computer plugged into second port on switch, router plugged into first:
 ssh: connect to host 192.168.1.1 port 22: Network is unreachable
 ssh: connect to host 192.168.1.2 port 22: Network is unreachable
 ssh: connect to host 192.168.2.1 port 22: Network is unreachable
 ping 192.168.1.1 Network is unreachable
 ping 192.168.1.2 Network is unreachable
 ping 192.168.2.1 Network is unreachable
 nmap -sn 192.168.1.0/24 found no hosts
 nmap -sn 192.168.2.0/24 found no hosts

On 192.168.1 with no vlan and computer plugged into router, router plugged into first port on switch:
 ssh root@192.168.1.1 is router
 ssh: connect to host 192.168.1.2 port 22: No route to host
 ssh: connect to host 192.168.2.1 port 22: Connection timed out
 ping 192.168.1.1 working
 ping 192.168.1.2 Destination Host Unreachable
 ping 192.168.2.1 100% packet loss
 nmap -sn 192.168.1.0/24 found router and computer
 nmap -sn 192.168.2.0/24 found no hosts
==============================
On 192.168.2 with no vlan and computer plugged into first port on switch:
 ssh: connect to host 192.168.1.1 port 22: No route to host
 ssh: connect to host 192.168.1.2 port 22: No route to host
 ssh: connect to host 192.168.2.1 port 22: No route to host
 ping 192.168.1.1 Destination Host Unreachable
 ping 192.168.1.2 Destination Host Unreachable
 ping 192.168.2.1 Destination Host Unreachable
 nmap -sn 192.168.1.0/24 found no hosts
 nmap -sn 192.168.2.0/24 only found computer

arp -a has actually found something:
? (192.168.2.1) at <incomplete> on enp37s0
I haven't edited out the mac address there, it seems to be missing.

trendy · November 4, 2021, 9:48pm

192.168.2.X and vlan100? Although I don't expect it to work.
Maybe something went wrong editing the file and you need to reset to defaults.

colouredhair · November 4, 2021, 10:03pm

Thanks for trying to figure it out! Still nothing though.
arp -a had more results with this setup:

? (192.168.1.1) at <incomplete> on enp37s0.100
? (192.168.2.1) at <incomplete> on enp37s0.100
? (192.168.2.1) at <incomplete> on enp37s0
? (192.168.1.2) at <incomplete> on enp37s0.100

trendy · November 4, 2021, 10:22pm

One last thing to try before looking for a way to reset to defaults.
Do a packet capture from the PC, either wireshark or tcpdump, and see if you get anything from the switch. Even an IPv6 might be useful.

colouredhair · November 5, 2021, 11:14am

I found a packet on 192.168.2.100 from an IPv6 address that I could connect to over ssh. It turned out to be OpenWRT in failsafe mode so I did firstboot and reboot. Now I can no longer ssh to that address but I get "No route to host" when trying to connect to 192.168.1.1 with the vlan and Wireshark shows no packets at all. Hopefully it's just taking a while to reload itself and I've not lost it again.

trendy · November 5, 2021, 11:24am

It should be visible in the packet capture if vlan tagging is used. Other than that the IPv6 link local address should always be there, no matter how messed up the configuration is, so you can use that to restore the functionality.

colouredhair · November 5, 2021, 12:32pm

I can see enp37s0.100 and enp37s0 listed in Wireshark but there's no packets on either of them when the computer is only connected to the switch. Network Manager it says it's disconnected and the Connection Information is only for virbr0. The olny thing available seems to be loopback.

How can I find that?

I'm going away for a few days so I'll have to get back to this on Monday, thanks again for the help!

trendy · November 5, 2021, 12:45pm

Use tcpdump -i any -evn

colouredhair · November 8, 2021, 7:39pm

After not touching it for a couple of days it seems to have rectified itself. Not sure why it started working unless I just had to wait a really long time for the firstboot to finish. I was able to login on the vlan then change the config file and install luci. I still might not have it quite right but everything seems to be working fine. Thanks trendy!

Here's the config I've ended up with:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'xxxx:xxxx:xxxx::/48'

config device 'switch'
	option name 'switch'
	option type 'bridge'
	option macaddr 'xx:xx:xx:xx:xx:xx'

config bridge-vlan 'wan_vlan'
	option device 'switch'
	option vlan '1'
	option ports 'lan1 lan2 lan3 lan4 lan5 lan6 lan7 lan8'

config device
	option name 'switch.1'
	option macaddr 'xx:xx:xx:xx:xx:xx'

config interface 'wan'
	option device 'switch.1'
	option proto 'dhcp'

config interface 'wan6'
	option device 'switch.1'
	option proto 'dhcpv6'

config bridge-vlan 'lan_vlan'
	option device 'switch'
	option vlan '1'
	option ports 'lan1 lan2 lan3 lan4 lan5 lan6 lan7 lan8'

config interface 'lan'
	option device 'switch.1'
	option proto 'static'
	option ipaddr '192.168.1.2'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device 'lan_switch_1_dev'
	option name 'switch.1'
	option macaddr 'xx:xx:xx:xx:xx:xx'

system · November 18, 2021, 7:39pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.