NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
GS108Ev3 Cannot set VLAN for management interface
I just purchased a GS108Ev3 because I needed some simple VLAN segregation for a small group of machines "down the hall" from my core networking equipment. The switch works great, though there is one key feature I believe to be missing: The IP address of the switch can be staticly defined, but there is no way to configure the VLAN the switch's management interface resides on.
With my ProSafe Smart switches that I'm currently using, this is definetly possible:
GS724T Management Interface:
On the other hand, the GS108E clearly lacks this functionality:
GS108E Mangement Interface: (Same basic form is visable in the WebUI; no VLAN setting though!)
Setting the IP address is great... but I need to keep all of the management for my switches on a seperate VLAN for security purposes. Is this a feature that could possibly be added with a future firmware revision? I know the GS108E is a very entry-level switch, but since the switch supports VLANs and managing them on a per-port bases (and trunking), allowing administrators to set the VLAN for the management interface is really an important feature!
Hi chulio,
Welcome to the community! :)
I think this is by design and not a limitation of the GS108Ev3 since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.
For the alternative, I recommend you the GS108Tv2 or GS110TP switches.To know more about the GS108Tv2 and GS110TP switches, check these links below:
GS108Tv2 and GS110TP Product FAQs
Regards,
DaneA
NETGEAR Community Team
13 Replies
Replies have been turned off for this discussion
Hello Ra1n,
Welcome to the community!
It is true that you cannot change the default management VLAN for this model, the switch is only a Prosafe Plus switch and is intended for more simple networks. What you can do is to post a topic on our Idea Exchange Board so that our engineers can see if they will consider adding this feature on future firmware releases. Make sure you hit the kudos(like) button, if it gets enough kudos from users then it can be considered.
Hope that helps, if you have questions feel free to ask.
Thanks,
Same issue, for my 3x GS108e v3 it doesn't even work for VLAN 1 !
(if a second or third VLAN are tagged on the same port), no GUI management possible.
It seems the GS108e takes the VLAN with the fastest DHCP server and then you get an IP you can use for GUI management.
Is there a solution in the meantime for the GS108e ?
Or which alternative product provides that functionality ?
Thanks a lot in advance,
Best chulio
Hi chulio,
Welcome to the community! :)
I think this is by design and not a limitation of the GS108Ev3 since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.
For the alternative, I recommend you the GS108Tv2 or GS110TP switches.To know more about the GS108Tv2 and GS110TP switches, check these links below:
GS108Tv2 and GS110TP Product FAQs
Regards,
DaneA
NETGEAR Community Team
Sweet lord, I can't even begin to express how bad this design is. I am seriously questioning the sanity of the developer/tester that approved this. Surely there must be some person within the development team that objected to this turd of a design? Give that person a promotion!
A switch with it's management interface connected to every VLAN is just bonkers.
I purchased this switch as a cheap and small extention of our SMB network for testing purposes. Given I've got our ISP (public) subnet on a particular VLAN which is also in this switch this is very unsafe. So it seems once again; you pay peanuts, you'll get monkeys.
Oh well.. Back to Cisco and HP.
I wouldn't recommend this particular Netgear product to anyone.
I've also got a GS108T which seems more robust. I haven't been able to test my GS105E because it seems faulty.
Ok, I got my GS105Ev2 working and it has the same flaw.
It seems the insecure management issue is present in the GS***E ProSafe switches.
I found this quote in the manual which is mentioned twice:
[quote]
Do not remove all ports from PVID 1, which is the management PVID. If you remove all ports from PVID 1, you cannot access the switch for management. In such a situation, to recover access to the switch, you must reset the switch to its factory defaults settings.[/quote]
I seriously doubt the switch(family) really operates this way.
My setup:
GS108PEv3 GigabitEthernet1 as Trunk 802.1Q (VLANs: 1T, 4T, 6T, 4093U) PVID: 4093 which is attached to a GS108Tv2 on Gigabit Ethernet1 as Trunk 802.1Q (VLANs: 1T, 4T 6T, 4093U) PVID: 4093
Now, in this setup the management interface of the GS108PEv3 isn't reachable through the link from GS108Tv2 switch. However, other nodes on VLAN 1 on the GS108PEv3 switch on other interfaces ARE reachable! So we can safely assume VLAN1 goes through the link tagged successfully. Only when changing the PVID of the GS108Tv2 to 1 is the management interface accessible again. Now this is quite odd and at this time I am unsure about what is going on. What I strongly suspect is that the GS108PEv3 management interface listens to ALL the untagged (PVID) traffic on every eth-interface whatever the PVID may be!
One can imagine how careless and unsafe this implementation really is. Quite ironic since the name of the series is ProSAFE.
Maybe I will perform some more tests later in the week.
Same problem on JGS524PE.
This "feature" is mandatory, VLAN is useless if you can't secure your installation !
Idem, back to HP / Cisco ...
Welcome to the community! :)
This is by design and not a limitation of the GS108Ev3 switch since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.
Since you find the feature to be mandatory on this switch model, I suggest you to kindly post your concern as a feature request on the Idea Exchange Board for Business here. In this way, the development team can see what feature does users wanted to be added to the functionality of the product. Be reminded that the more kudos given by community members to your feature request will help as the development team will be reviewing the post that has the most kudos and will be considered.
Regards,
DaneA
NETGEAR Community Team
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
