NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

sjhx's avatar
sjhx
Aspirant
Jul 11, 2023

Are Private VLANs what I need?

I have a M4100-D12G with 2 subnets.

 

I would like to have subnet1 on ports 1-4 and subnet2 on ports 5-12 and not have any traffic travel between these.

I think private (community mode) VLANs are what's needed? Would this do what I wanted?

 

Simon.

6 Replies

  • MikeD1234's avatar
    MikeD1234
    NETGEAR Expert
    Jul 11, 2023

    Hi sjhx,

    Private VLANs, are as followed:

    Private VLAN group allows you to create groups of users within a VLAN that cannot communicate with members in different groups but only within the same group.

    Also see page #316 from the manual: ProSAFE M4100 Managed Switch Software Administration Manual Software Version 10.0.1 (netgear.com)

    So, in this instance, they would share the same IP scheme (subnet), but the switch can allow or disallow them to communicate together, based on which group they are in.

    From the sounds of it, you want regular VLANs, so then you need to have VLANs (DHCP etc.) configured at an end-point (i.e., Firewall, or on the M4100 DHCP), and then setup your VLANs.

    Then, your firewall needs static routes, or, be VLAN aware, for routing.

    Mike

    • sjhx's avatar
      sjhx
      Aspirant
      Jul 13, 2023

      Private VLAN group allows you to create groups of users within a VLAN that cannot communicate with members in different groups but only within the same group.

       

      I think this is what I need. My subnet1 is 2 audio mixing consoles, plus wired and wireless remote controlers. I could have the ffirst 4 ports as group1 and the other 8 as group2.

       

      This would be the same as using 2 separate switches?

  • schumaku's avatar
    schumaku
    Guru
    Jul 11, 2023

    Just two VLANs and no in case inter-VLAN routing enabled would not be sufficient?

    • MikeD1234's avatar
      MikeD1234
      NETGEAR Expert
      Jul 11, 2023

      Yes, two VLANs might work, but if they need to communicate something needs to be aware of it, and have an L3 interface for it.

      Not sure if they have the option for that. Then, the option wouldn't be to bad, but if in case they need different subnets etc. a firewall/router or the switch with interfaces should do the trick.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More