NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

JDunsOK's avatar
JDunsOK
Follower
Jul 25, 2022

Fiber link and VLANs with M4300-24X24F

Good afternoon,

 

I have a project where I have two separate sites that have their own independent networks but also need to have their network at the opposite site for backups and some sharing.

I purchased two M4300-24X24F switches that are going to be placed at each site with a fiber trunk connecting the sites. I have three total VLANs configured (4 if you include VLAN 1) on both switches:

- VLAN 830: Site A's network
- VLAN 890: Site B's network
- VLAN 700: Site A's Management network for monitoring/configuration
- VLAN 1/0: Unconfigured ports / no access to anything

 

Here's what I'm looking at as far as switches are configured:

 

Site/Switch A - 10.70.1.200 (VLAN 700/Management)

  • Port 1: 10G trunk to Site B
  • Port 25: VLAN 830 SVI - 172.83.15.200
  • Port 26: VLAN 890 Untagged
  • Port 47: 1GbE secondary/failover trunk to Site B
  • Port 48: VLAN 700 Management Port - 10.70.1.200

Site/Switch B - 10.70.1.201 (VLAN 700/Management)

  • Port 1: 10G trunk to Site A
  • Port 25: VLAN 890 SVI - 172.89.15.200
  • Port 26: VLAN 830 Untagged
  • Port 47: 1GbE secondary/failover trunk to Site A
  • Port 48: VLAN 700 Management Port - 10.70.1.201 - For initial configuration only

Port 1 and 47 on each switch are the primary & secondary/failover trunk between the two sites with only one active at a time).
Port 25 at each site acts as the SVI for their sites respective network
Port 26 is an access-only port at the opposite site to feed a backup server.
Port 48 at Site A is connected to our primary device management network to access, configure, and monitor both switches only. No access needed to either sites network.

 

No traffic from VLAN 890 should be accessible from 830 and vice-versa.

 

 

I have two issues that I can't quite figure out. The first is that I'm trying to configure the switches where I can access both switches from the management network for configuration and monitoring. I have port 48 on both switches untagged to VLAN 700, however, when I connect the trunk between the two switches and remove 48 on switch B as if we would in production, I can't access the Site B's management IP.

 

The second issue is that I'm trying to forward any VLAN traffic from untagged ports to their respective networks gateway regardless of location. As an example, Site A's network is VLAN 830 and any traffic from ports untagged to 830 at either site would forward over to Site A's gateway at 172.83.15.254 and vice-versa with untagged ports on VLAN 890 to Site B's gateway at 172.89.15.254. Is this possible?

 

Any assistance is appreciated!

1 Reply

  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired
    Dec 01, 2022

    JDunsOK,

     

    It would be best if you open a support ticket with the NETGEAR Support Team here at anytime for technical assistance regarding your concern.  

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More