NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
VLAN trouble, can't ping, not sure if it even works
Hey gang,
I'm doing work for a pub where I need to separate out office computers and devices from the Point of Sale devices for security purposes. To that end I've tried making a VLAN using ports 1-12 on this GA724TPv2 switch. I'm ignorant of what I'm doing and the manual is very sparse on defining what to do.
My plan is to take ports 1-12 for the POS which I've defined as VLAN 994, and leave ports 13-24 for the office users, left on the stock VLAN1. These two VLANs should not be able to see each other.
I I have two problems to solve:
1. I wired to computers into Ports 1-2 on VLAN994 and gave them static IP addresses (192.168.131.x) different than VLAN1 (192.168.168.x). I can't ping either machine or see any traffic moving from machine to machine. So apparently I do have a separate VLAN, but no communication seems to exist within it. What have I done wrong?
2. I'm not sure how to forward traffic from VLAN944 to the Internet. Presumably the router itself can have a port dedicated to this VLAN but I'm not sure.
Here are some screengrabs of my configuration. Thank you for any help!
2 Replies
r3dplanet wrote:
1. I wired to computers into Ports 1-2 on VLAN994 and gave them static IP addresses (192.168.131.x) different than VLAN1 (192.168.168.x). I can't ping either machine or see any traffic moving from machine to machine. So apparently I do have a separate VLAN, but no communication seems to exist within it. What have I done wrong?
Nothing! Each VLAN is a dedicated network with it's own broadcast domain. Depending on the switch (not all have L3 routing capabilities) you could configure a static routing scenario all over your VLANs. But again - what for do you have configured a second VLAN again?
r3dplanet wrote:
2. I'm not sure how to forward traffic from VLAN944 to the Internet. Presumably the router itself can have a port dedicated to this VLAN but I'm not sure.
Depending on the router or security appliance, you would create a dedicated subnet, two dedicated security zones, each either many2one NATed to the same or to two different WAN IP addresses (depends what is available from your ISP, and what service you have from the ISP)..
Thank you for responding. I'm very confused.
I've seen documentation for older versions of my switch that had menu options for creating routing options and IP scopes, but I don't see that in the menus for this switch.
Today I bought a new Ubiquiti EdgeRouter X w/SFP that is supposed to be ba able to create routing services for multiple VLANs. I'll try that and report back.
Thanks again.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
