NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

ecallenil's avatar
ecallenil
Aspirant
Jul 31, 2015
Solved

Route public IP addresses across switches in internal network

Here's the situation:

 

I have an incoming internet connectoin handing off public IP addresses.  This device is on the opposite side of the building and I need to get the connection back to my main server room to connect to the firewall.

 

I have managed switches on each end (where the connection comes in, and in the server room).  Both are model GS724T.  These switches route my internal private network traffic.  For the uplilnk, I have a fiber trunk (2 fiber ports).

 

What is the best way to route the public traffic through the same switches as the private traffic so I can get the public traffic back to the server room?  I'm thinking I need to do VLAN but the fiber trunk ports need to be tagged and work for both the public and private networks.

 

[broadband radio]----[GS724T]-----------{fiber trunk}-----------------[GS724T]------------[firewall]

 

Any help is appreicated.

 

 

Installation
Troubleshooting
  • fordem's avatar
    fordem
    Jul 31, 2015

    Yes - trunks can handle traffic from multiple VLANs, that is why it's called a trunk you'll need to make it a member of all the VLANs you want it to pass traffic for, and configure it to pass the VLAN tags.

6 Replies

  • fordem's avatar
    fordem
    Mentor
    Jul 31, 2015

    Let's start by being very careful as to the words we choose - router route & switches switch, unless those switches are layer 3 switches, and as far as I know, the GS724s are layer 2.

     

    As you have suggested, you can create a VLAN and pass the internet traffic across that - it will only take one switch port at each end

    • ecallenil's avatar
      ecallenil
      Aspirant
      Jul 31, 2015

      Thanks, fordem, and you are correct.  I used terms that are not correct.  Instead of "route" I meant something more along the lines of the switches "send" or "pass" traffic.  My question is if it is wise, or even possible, to use the already established trunk to pass this traffic?  It woud not be desirable from a labor standpoint to run more cable between the switches.  Would the trunk be able to pass traffic both on internal and external networks at the same time?

      • fordem's avatar
        fordem
        Mentor
        Jul 31, 2015

        A VLAN is a virtual LAN - think of it this way ...

         

        You have two switches, each with four computers in their own little LAN, each group of four computers can talk to one another, but the computers on one LAN cannot see the computers on the other LAN - these are physically separate LANs.

         

        Now let's take a single switch that supports VLANs and create two VLANs, each with four ports, and connect the computers to them - this configuration will work exactly like the one above, each group of four computers will be able to talk to one another, but the computers on one LAN cannot see the computers on the other LAN - these are virtually separate LANs.

         

        Yes - you can do exactly what you're suggesting because the internal VLAN will never see the external VLAN.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More