Vlan setup

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Vlan setup

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Vlan setup
Vlan setup
2023-07-22 12:55:55 - last edited 2023-08-07 09:44:00
Hardware Version: V4
Firmware Version: 4.0.7

Hi,

 

Before purchasing and implementing these switches into a VLAN setup. I wanted to confirm a couple of point.

 

 

In the photo below, the first switch port where the PC is connected to has a native network and an untagged network of 1 (LAN.) The trunk ports have the same Lan1 native network and untagged network but surely the PC has already been tagged by the first switch so now won't pass through the 'All' Profile as it does not have Lan in tagged? Or does it mean it untags everything not in the tagged list and retags again on the native network?

 

 

Also if my switches are on the subnet of the main Lan network, am I always going to have to allow the Lan network through for the switches to communicate?

 

 

Thankyou for the support.

  0      
  0      
#1
Options
1 Accepted Solution
Re:Vlan setup-Solution
2023-07-24 03:22:00 - last edited 2023-08-07 09:44:00

Hi @Anthony1001 

Thanks for posting in our business forum.

Anthony1001 wrote

 

In the photo below, the first switch port where the PC is connected to has a native network and an untagged network of 1 (LAN.) The trunk ports have the same Lan1 native network and untagged network but surely the PC has already been tagged by the first switch so now won't pass through the 'All' Profile as it does not have Lan in tagged? Or does it mean it untags everything not in the tagged list and retags again on the native network

 

The PC is not tagged because it is not using any tagged network based on your picture.

 

I think you first need to understand why there is a tag and untag. Please refer to the wiki of 802.1Q VLAN.

Native Networks on the Controller means PVID. Tagged and untagged network, the literal meaning of it.

 

I am having trouble understanding your questions. My apology. If you are creating VLAN interfaces, you have access to each VLAN interface because they are routed.

If you want to block, based on the VLAN interface scheme, use ACL.

If you are looking for the old-fashion way, the 802.1Q VLAN, for isolation, then configure it as VLAN for purpose. Don't use the VLAN interface as "purpose".

 

So, three profiles you have there. I'll just explain the first two.

#1 VLAN ID = LAN(untag), PVID = LAN, no tagged network. This is the profile and is usually for PC. 

#2 VLAN ID = LAN(untag), Camera(tag), Guest(tag), PVID = LAN. This port will get an IP of LAN. If connected with a switch, the switch can further distribute VLAN Guest and Camera.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#2
Options
1 Reply
Re:Vlan setup-Solution
2023-07-24 03:22:00 - last edited 2023-08-07 09:44:00

Hi @Anthony1001 

Thanks for posting in our business forum.

Anthony1001 wrote

 

In the photo below, the first switch port where the PC is connected to has a native network and an untagged network of 1 (LAN.) The trunk ports have the same Lan1 native network and untagged network but surely the PC has already been tagged by the first switch so now won't pass through the 'All' Profile as it does not have Lan in tagged? Or does it mean it untags everything not in the tagged list and retags again on the native network

 

The PC is not tagged because it is not using any tagged network based on your picture.

 

I think you first need to understand why there is a tag and untag. Please refer to the wiki of 802.1Q VLAN.

Native Networks on the Controller means PVID. Tagged and untagged network, the literal meaning of it.

 

I am having trouble understanding your questions. My apology. If you are creating VLAN interfaces, you have access to each VLAN interface because they are routed.

If you want to block, based on the VLAN interface scheme, use ACL.

If you are looking for the old-fashion way, the 802.1Q VLAN, for isolation, then configure it as VLAN for purpose. Don't use the VLAN interface as "purpose".

 

So, three profiles you have there. I'll just explain the first two.

#1 VLAN ID = LAN(untag), PVID = LAN, no tagged network. This is the profile and is usually for PC. 

#2 VLAN ID = LAN(untag), Camera(tag), Guest(tag), PVID = LAN. This port will get an IP of LAN. If connected with a switch, the switch can further distribute VLAN Guest and Camera.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#2
Options