How to add 2 VLAN to a port TP-Link 26000G 52-TS 48Port Switch
How to add 2 VLAN to a port TP-Link 26000G 52-TS 48Port Switch
Hi,
So we have 1 Managed switch to Bldg. B, and an Unifi UAP-AC-PRO setup with VLAN30 and VLAN40 option.
Our Local LAN is 10.10.6.x
VLAN 30 is 192.168.30.x
VLAN 40 is 192.168.40.x
We do have 2 internet connection
Default Gateway 1 is 10.10.6.10
Default Gateway 2 is 10.10.6.9
We added the 2 default gateways and set an IP of 10.10.6.245 for the Managed Switch.
I can ping the Access Point but no internet
Maybe adding the VLAN30 and VLAN40 to the Port where the Access Point was plugged can solve the problem.. but can you add 2VLAN in a Port?
Any tips on setting this up? Thank you
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi mariem56
If the packets sent from Unifi UAP-AC-PRO has vlan tag, as you said, you need to add VLAN30 and VLAN40 to the Port where the Access Point was plugged. You need to change the port to general port then you can add two VLANs in a port. I think most TP-Link switch is using general port.
And you still need to add VLAN30 and VLAN40 to the Port connected to the gateway, otherwise, the packets from AP cannot reach gateway.
About the network related to multiple subnets, I think you still need to configure other feature like VLAN interface, static routing and so on. Please see the following FAQ.
https://www.tp-link.com/en/support/faq/887/
- Copy Link
- Report Inappropriate Content
Does your switch connect directly to gateway or are there any other managable switches? If directly, then as Andone said, configure uplink port (port which goes to gateway) as vlan 30/40 tagged. If you have more switches, then you need keep trunk port (30/40 tagged) till the gateway.
What is your gateway? It should also support vlan30/40 tagged on port, where you connect switch.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I remember that I add 10.10.6.9 and 10.10.6.10 which two of our gateways that I have.. so I can add the VLAN30 and VLAN 40 to the Uplink port too? BTW my main router is pfSense... Thanks for the response
- Copy Link
- Report Inappropriate Content
You didn't provide your firmware. It's important, because old firmwares had one design (with access/general/trunk port modes), while new firmwares have only general port mode (which is OK also, but could be different to configure.)
Of course, you can configure several VLAN's on port. You can conifgure even all VLAN's on port (switchport general allowed vlan 1-4094 tagged), it is not a big deal for normal managed switch. The only point is just you need to understand the difference between tagged port and untagged. It's a basic topology, when you configure 20 ports each with your own vlan untagged, then you have uplink port, which have all your 20 VLANs tagged to transfer it further on your topology.
Switchport general allowed vlan 30,40 tagged - it is how you add 2 VLANs, as example. Your Ubiquiti VLAN 30, VLAN 40 means it has tagged port from AP, so you need also tagged port on switch. Cheers.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I'm using CLI, so I gave command above. It is not so comfy to do it by Web-interface, but here it is https://www.tp-link.com/en/support/faq/2149/
Can I draw your topology? Why do you need 2 gateways? Who is DHCP-server for the network? I hope you understand, that host can have only 1 gateway the same time. I can only understand 2 gateways, if you configure VRRP between them of smth like this.
So, as I understand If you have only 2 SSID's with vlan 30,40 and vlan 1 is for managing AP (and seems like not only AP), right? Also you have 1 subnetwork for the whole LAN. Then you need switchport general allowed vlan 1 untagged, switchport pvid 1, switchport general allowed vlan 30,40 tagged.
Your uplink, which goes to router also should be the same. Your pfsense router (sorry, I have never used it), should be configured also the same, VLAN 30,40 tagged, vlan 1 untagged, PVID 1. That is how I would configure it on any Miktotik or TL-ER6120 and it would work :)
P.S. I quickly looked thorugh pfsense configuration and it seems complicated, as it is some kind of enterprise solution as cisco, where you need configure even NAT and all the stuff.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
This is what I've tested
I create another VLANs aside from default VLAN 1
created VLAN 30 (192.168.30.0/24) and VLAN 40 (192.168.40.0/24) both are untagged ports to Ports 1, 15, 16.
Then adding PVID but its per port so I only added port 1,15,16 with PVID 30.
Then going to L3Features >IPV4 Routing Table:
Protocol Destination Network Next Hop Distance Metric Interface Name
Static 0.0.0.0/24 10.10.6.10 1 0 VLAN1
Connected 10.10.6.0/24 10.10.6.247 0 1 VLAN1
Connected 192.168.30.0/24 192.168.30.1 0 1 VLAN30
Connected 192.168.40.0/24 192.168.40.1 0 1 VLAN40
then L3Features > Interface
VLAN 40 Static 192.168.40.1 255.255.255.0 VLAN40_Guest Up
VLAN 30 Static 192.168.30.1 255.255.255.0 VLAN40_Guest Up
VLAN 1 Static 10.10.6.247 255.255.255.0 LAN Trusted Up
10.10.6.247 IP of Managed Switch
I can ping the Switch, the Access Point
but I still dont have internet on my access point
When I physically connect my Laptop to Managed switch I can ping users that's directly connected to Switch..
What could be the problem?
- Copy Link
- Report Inappropriate Content
Answer:
Instead of untagged the VLAN 1(Port 1-52) , VLAN 30(Port 16), VLAN 40(Port16)
we tried tagged VLAN 30 (Port 1 and Port 16), VLAN 40 (Port 1 and Port 16) and it worked! I can now connect to my Access Point with VLAN 30 and VLAN 40..
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 5965
Replies: 19
Voters 0
No one has voted for it yet.