NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Ra1n's avatar
Ra1n
Follower
Aug 13, 2015
Solved

GS108Ev3 Cannot set VLAN for management interface

I just purchased a GS108Ev3 because I needed some simple VLAN segregation for a small group of machines "down the hall" from my core networking equipment. The switch works great, though there is one ...
Firmware
Security
  • DaneA's avatar
    DaneA
    Jan 07, 2016

    Hi chulio,

     

    Welcome to the community! :)

     

    I think this is by design and not a limitation of the GS108Ev3 since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.


    For the alternative, I recommend you the GS108Tv2 or GS110TP switches.

     

    To know more about the GS108Tv2 and GS110TP switches, check these links below:

     

    GS108Tv2 and GS110TP Product FAQs

     

    GS108Tv2 Data Sheet

     

    GS110TP Data Sheet

     

     

    Regards,

     

    DaneA
    NETGEAR Community Team

JohndelStino's avatar
JohndelStino
Guide
Jan 01, 2017

I found this quote in the manual which is mentioned twice:

 

[quote]

Do not remove all ports from PVID 1, which is the management PVID. If you remove all ports from PVID 1, you cannot access the switch for management. In such a situation, to recover access to the switch, you must reset the switch to its factory defaults settings.[/quote]

 

I seriously doubt the switch(family) really operates this way.

 

My setup: 

 

GS108PEv3 GigabitEthernet1 as Trunk 802.1Q (VLANs: 1T, 4T, 6T, 4093U) PVID: 4093  which is attached to a GS108Tv2 on Gigabit Ethernet1 as Trunk 802.1Q (VLANs: 1T, 4T 6T, 4093U) PVID: 4093

 

Now, in this setup the management interface of the GS108PEv3 isn't reachable through the link from GS108Tv2 switch. However, other nodes on VLAN 1 on the GS108PEv3 switch on other interfaces ARE reachable! So we can safely assume VLAN1 goes through the link tagged successfully. Only when changing the PVID of the GS108Tv2 to 1 is the management interface accessible again. Now this is quite odd and at this time I am unsure about what is going on. What I strongly suspect is that the GS108PEv3 management interface listens to ALL the untagged (PVID) traffic on every eth-interface whatever the PVID may be!

 

One can imagine how careless and unsafe this implementation really is. Quite ironic since the name of the series is ProSAFE.

 

Maybe I will perform some more tests later in the week.

 

 

 

 

 

 

 

gmerb's avatar
gmerb
Tutor
Feb 20, 2017

Same problem on JGS524PE.

This "feature" is mandatory, VLAN is useless if you can't secure your installation !

 

Idem, back to HP / Cisco ...

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More