NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

crodrig's avatar
crodrig
Aspirant
Sep 06, 2023
Solved

GS724Tv4 VLAN Routing

NetGear Community,   I have a NetGear GS724Tv4 24 Port Gigabit Smart Switch in which I have configured 4 VLANS.   I am only using VLAN1 and VLAN4 with VLAN 2 | VLAN3 as the default VLAN's (VOIP,...
  • crodrig's avatar
    crodrig
    Sep 12, 2023

    NetGear Community,

     

    I have decided to install a second PCIe ethernet card on the server/workstation to be used as a rsyslog server for receiving syslog messages (UDP packets) from the GS724Tv4 Smart Switch logging service.

     

    I basically configured the second ethernet card (eth1) on a separate subnet to communicate over the Management VLAN (VLAN1).

     

    The primary ethernet card (eth0) is connected to VLAN4 which allows for inter-connecting workstations as a localized LAN.

     

    The main goal is to provide network isolation between the user space and management space.

     

    I hope this helps some helpless souls.

crodrig's avatar
crodrig
Aspirant
Sep 08, 2023

Schumaku,

 

As per DISA STIG Requirements,

 

Group ID: V-3070

Group Title: Management connections must be logged.

Rule ID: SV-3070r4_rule

Rule Title: Network devices must log all attempts to establish a management connection for administrative access.

 

Fix Text: Configure the device to log all access attempts to the device to establish a management connection for administrative access.

 

I currently have the GS724Tv4 logging severity code (6) and higher.

 

Informational (6). Provides device information.

 

The access ports on VLAN4 are configured as the internal subnet for an isolated network. No network connections are allowed to the outside world (Internet, VPN, WAN, etc.)

 

Thanks.

schumaku's avatar
schumaku
Guru - Experienced User
Sep 09, 2023

There are still no management access vectors on this VLAN. 

  • crodrig's avatar
    crodrig
    Aspirant
    Sep 12, 2023

    NetGear Community,

     

    I have decided to install a second PCIe ethernet card on the server/workstation to be used as a rsyslog server for receiving syslog messages (UDP packets) from the GS724Tv4 Smart Switch logging service.

     

    I basically configured the second ethernet card (eth1) on a separate subnet to communicate over the Management VLAN (VLAN1).

     

    The primary ethernet card (eth0) is connected to VLAN4 which allows for inter-connecting workstations as a localized LAN.

     

    The main goal is to provide network isolation between the user space and management space.

     

    I hope this helps some helpless souls.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More