NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

MPS82's avatar
MPS82
Aspirant
Nov 10, 2017
Solved

How to block traffic between other ports but Internet access point using FS750T2

Hi,   I'm new to network stuff and I hope someone could help me out with this problem:   I have several apartments and one Internet access point (VPN gateway) connected to a 48 port switch. There...
Installation
  • Hopchen's avatar
    Hopchen
    Nov 10, 2017

    Hi MPS82

     

    To separate devices, in that way that you want, you will need to use VLANs. It is the only proper way to do this. Each "department" in its own VLAN.

     

    However, you will have a problem in that these VLANs need to be routed to the Internet as well. This switch cannot do that as it is only a layer 2 switch. It can do the VLAN part, but not the routing part. It is fine as long as your router/gateway can though. Is your router/gateway VLAN aware?

     


    Cheers

Hopchen's avatar
Hopchen
Prodigy
Nov 10, 2017

Hi MPS82

 

To separate devices, in that way that you want, you will need to use VLANs. It is the only proper way to do this. Each "department" in its own VLAN.

 

However, you will have a problem in that these VLANs need to be routed to the Internet as well. This switch cannot do that as it is only a layer 2 switch. It can do the VLAN part, but not the routing part. It is fine as long as your router/gateway can though. Is your router/gateway VLAN aware?

 


Cheers

  • MPS82's avatar
    MPS82
    Aspirant
    Nov 21, 2017

    Hi,

     

    Thank you for comment! This was hepful. I will check if my gateway is VLAN aware from the supplier.

    • Hopchen's avatar
      Hopchen
      Prodigy
      Nov 21, 2017

      No problem. Any questions - let us know :)

      • hokie21's avatar
        hokie21
        Tutor
        Nov 21, 2017

        This can be done with MAC ACLs. The switch will prevent traffic flow between the cusotmer ports, but allows all traffic to the Internet (router) port. You don't need to set up VLANs.

         

        Make a MAC rule with ID=1, action permit, assign queue=0, redirect interface= the port connected to your router, match every=false. Souce and destination MAC and mask should be set to FF:FF:FF:FF:FF:FF. 

         

        Go into "MAC binding configuration" and set ACL ID to the name of the ACL you made above. Click the ports that are part of this special configuration.

         

        Save it all and test. I checked it on my 724Tv2 just now and it works fine.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More