NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

sjhx's avatar
sjhx
Aspirant
Jul 11, 2023

Are Private VLANs what I need?

I have a M4100-D12G with 2 subnets.   I would like to have subnet1 on ports 1-4 and subnet2 on ports 5-12 and not have any traffic travel between these. I think private (community mode) VLANs are ...
MikeD1234's avatar
MikeD1234
NETGEAR Expert
Jul 11, 2023

Hi sjhx,

Private VLANs, are as followed:

Private VLAN group allows you to create groups of users within a VLAN that cannot communicate with members in different groups but only within the same group.

Also see page #316 from the manual: ProSAFE M4100 Managed Switch Software Administration Manual Software Version 10.0.1 (netgear.com)

So, in this instance, they would share the same IP scheme (subnet), but the switch can allow or disallow them to communicate together, based on which group they are in.

From the sounds of it, you want regular VLANs, so then you need to have VLANs (DHCP etc.) configured at an end-point (i.e., Firewall, or on the M4100 DHCP), and then setup your VLANs.

Then, your firewall needs static routes, or, be VLAN aware, for routing.

Mike

sjhx's avatar
sjhx
Aspirant
Jul 13, 2023

Private VLAN group allows you to create groups of users within a VLAN that cannot communicate with members in different groups but only within the same group.

 

I think this is what I need. My subnet1 is 2 audio mixing consoles, plus wired and wireless remote controlers. I could have the ffirst 4 ports as group1 and the other 8 as group2.

 

This would be the same as using 2 separate switches?

  • schumaku's avatar
    schumaku
    Guru - Experienced User
    Jul 13, 2023

    Exactly what normal VLAN are used for.

    • MikeD1234's avatar
      MikeD1234
      NETGEAR Expert
      Jul 13, 2023

      Hi sjhx,

      yes, if you only have one subnet, and can't setup static routes/routing/vlans on your Firewall/router, then this could be a solution.

      As schumaku says, it's kind of the same as VLANs, and a more graceful solution would probably be using different subnet/VLANs, to differentiate between them with VLAN + IP scheme.

      Your router/firewall, often should support static routes, and it's not to hard to configure once you have the routing to your switch configured correctly.

      Mike

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More