WAN/LAN Ports independent of each other
All WAN/LAN ports should be assignable to independent networks.
Currently you can have multiple ISP providers and have fail-over which is excellent.
LAN Port 1 = 192.168.x.x/24
-VLAN = as many as you would like
LAN Port 2 = 10.x.x.x/24
-VLAN = as many as you would like
WAN/LAN Port 3 = 172.x.x.x/24
-VLAN = as many as you would like
This example would be 3 different networks that are all connected to 1 router. Could all the ports be used for the same LAN? Yes. But if you wanted a physical separation for whatever reasons you could.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @TechDad83
Thanks for posting in our business forum.
Don't understand the example you gave and what you said after the example.
Are you saying that you need to isolate one VLAN to one port on the router? Then don't tag it, and it does what you want.
If you have more explanation, love to hear it.
- Copy Link
- Report Inappropriate Content
Hi @Clive_A
Thank you for your reply. What Im trying to I guess explain is having 2 or 3 independent Physical networks all using the same router.
LAN Port = Business LAN
LAN/WAN Port = LAB LAN
Another example would be that I have a server that I want on a completely different subnet and isolate it to just that port on the router. I could VLAN and add rules but I should have the ability to assign an interface to do that.
Prior to moving to a TP-Link (Omada) I was using pfSense and each interface is assignable and can be independent of each other. I was sending 1 port to my VPN tunnel, so anything on that network was using the tunnel.
Hope that better explains what I was asking.
- Copy Link
- Report Inappropriate Content
Hi @TechDad83
Thanks for posting in our business forum.
TechDad83 wrote
Hi @Clive_A
Thank you for your reply. What Im trying to I guess explain is having 2 or 3 independent Physical networks all using the same router.
LAN Port = Business LAN
LAN/WAN Port = LAB LAN
Another example would be that I have a server that I want on a completely different subnet and isolate it to just that port on the router. I could VLAN and add rules but I should have the ability to assign an interface to do that.
Prior to moving to a TP-Link (Omada) I was using pfSense and each interface is assignable and can be independent of each other. I was sending 1 port to my VPN tunnel, so anything on that network was using the tunnel.
Hope that better explains what I was asking.
I don't think this would be possible at least we don't see it as very useful. pfSense can do that because each interface needs to be manually configured. It's open-source and this is a prebuilt one. The purpose of the product is to create interfaces for you. About whether an interface can be assigned to the port or not, you should configure VLAN. This is common we do with the thing you said.
So, I believe you have a question, if the way is to use the VLAN, then how to remove the VLAN 1? This question has been answered several times on the forum. We don't support removing the default VLAN.
What you asked for is more like a feature on the switch called Port Security. But this is a router, not a switch. Supposedly, it should handle both layer 2 and layer 3.
And if you want to do a VLAN that's separate from the other networks, in the controller mode, there is a function called Management VLAN. That's usually where you put your core network devices and you expect to separate them from most network clients.
This is the limitation of the prebuilt one. I know open source can do a lot beyond this. However, this feature has not been a common practice or a design idea since it was introduced. I mean this feature should become one of the essentials when it first came out because assigning the interfaces is the first thing you should do when dealing with the physical interface(port). Anything you do with the networking, you create the interface and assign it to the port first. It did not come at that time and I think this may not be added now when most users are already familiar with this system.
- Copy Link
- Report Inappropriate Content
Not sure what the purpose is here, but maybe don't "remove" the default VLAN, but instead, change what that port thinks is it's "default" VLAN? I think the setting is called PVID? and as said before, don't tag it. ?
I guess you could then still pass any other VLAN's over as Tagged, but i'm drawing a blank as to why or what to... Except maybe a VoIP device likes this Untagged "default" (or "Native") with a Tagged Voice-VLAN kind of setup with a normal/generic workstation hanging off the back of it...?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 565
Replies: 4
Voters 0
No one has voted for it yet.