I want to separate the ports into different vlans.

My try is to use " 802.1Q VLAN Configuration".

port 8 has the internet.

vlan 2: port 1,2,3 and 8

vlan 3: port 4,5,6,7,9,10,11,12,13,14,15 and 8

vlan 4: port 16 and 8

(nothing tagged until now - it did not seem to have any effect)

it seems that all port communicate to each other through the default vlan 1. - or though the router on port 8 (a fritz.box).

I would expect that port 1 cannot communicate to port 15. but it always can. (pinging works). how can I configure 3 separate vlans and have them connect to the internet nonetheless?

Any help is appreciated.