NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
GS748Tv5 - Create an Internal and an External VLAN
Hi - a newbie here. I am trying to configure a GS748Tv5 switch to have an internal and an external VLAN and am not having any luck.
Here's what I want to accomplish:
VLAN 1
Port 41 only. I am currently connected to the switch using Port 41. I am working remotely so I did not want to add it to the internal VLAN yet.
VLAN100 (External)
Ports 1 through 4. Port 1 connects to my Comcast Router. Ports 2 and 3 connect to my external Firewall ports. Port 4 is empty. Ports 1 through 4 are Tagged.
VLAN200 (Internal)
Ports 5 through 48. Ports 5 through 46 are for my internal network (PC's, Printers, Projectors). Ports 47 and 48 connect to my internal Firewall ports. Ports 5 through 40 and 42 through 46 are Untagged. Ports 47 and 48 are Tagged
Here's what I have done:
1)The switch has a static IP address.
2) VLan 100 and 200 have been created and ports assigned.
3) PVID are configured.
And here is where my newbieness has me going crazy - I'm not sure how to configure the IP Routing on the VLans. I do not have access to my current switch (which is an old Brocade) so I can't compare configurations for help.
Do I route the external VLAN using my Comcast IP?
I tried to add the Internal VLAN and it fails with a "Error! Failed to Set 'IP Address' with '192.168.xxx.x' " message. (The xx.x was added by me on this email - I am using a valid internal address".
I'm hoping that someone can offer some advice on how I can get this configured. Normally I would reach out to a contractor for this but becasue of the current world we are in he is not available to help me.
Appreciate any advice.
Thanks -
Steve
Take it like this: A computer, printer, consumer router LAN is always untagged. The assignment of frames flowing into the switch to a VLAN is done by the PVID, the frames from the VLAN assigned coming from the switch to these devices are untagged.
3 Replies
Hi Steve,
Can't see why and where you want or need to install any VLAN routing - the connection between the subnets is up to your firewall device, not the switch.
SteveAlliance wrote:
VLAN100 (External)
Ports 1 through 4.
Port 1 connects to my Comcast Router.
Ports 2 and 3 connect to my external Firewall ports. Port 4 is empty. Ports 1 through 4 are Tagged.
Your Comcast router does work with tagged frames? Probably not.
Your firewall WAN ports (why ever you want two) are configured for tagging, too?
SteveAlliance wrote:
VLAN200 (Internal)
Ports 5 through 48. Ports 5 through 46 are for my internal network (PC's, Printers, Projectors). Ports 47 and 48 connect to my internal Firewall ports. Ports 5 through 40 and 42 through 46 are Untagged. Ports 47 and 48 are Tagged
Your firewall WAN ports (why ever you want two) are configured for tagging, too?
Both switch networks (VLANs) are simple L2 networks in this set-up.
schumaku -
This is where my newbieness rears it's head - The ports were tagged because from what I garnered from the online help it sounded like they should be. IP Routing done for the same reason. We have multiple internal and external firewall ports because of a redundant firewall solution.
I will untag the ports and delete the IP routing and see what happens when I plug things in on Saturday.
Thanks for the feedback!
Take it like this: A computer, printer, consumer router LAN is always untagged. The assignment of frames flowing into the switch to a VLAN is done by the PVID, the frames from the VLAN assigned coming from the switch to these devices are untagged.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
