NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
I want to move my Defualt/Native Vlan 1 for Security
Title says it all...... I want to move my Defualt/Native Vlan 1 to another Vlan. Say Vlan 83..example. I am having trouble figuring it out...... Thanks in advance AP514 ...
I suggest the steps below:
1. Create VLAN 83 then select all ports as members of the VLAN 83. The port members should be set as untagged with a PVID of 83.
2. By default, all ports belong to VLAN 1 set as untagged. Remove all port members from VLAN 1.
3. Go to System > Management > IP Configuration. Specify VLAN 83 as the Management VLAN.
Regards,
DaneA
NETGEAR Community Team
I suggest the steps below:
1. Create VLAN 83 then select all ports as members of the VLAN 83. The port members should be set as untagged with a PVID of 83.
2. By default, all ports belong to VLAN 1 set as untagged. Remove all port members from VLAN 1.
3. Go to System > Management > IP Configuration. Specify VLAN 83 as the Management VLAN.
Regards,
DaneA
NETGEAR Community Team
Humm..I did all that you suggested already..But they were not in MGT VLAN but on Vlan listed as something else. And not UNTAGGED(tagged)..Will give that a try.
Maybe I have the tagging confused.....More reading needed I guess.
Side Note:
I guess if MGT Vlan is going to have all the ports. I really do not need another VLAN (NATIVE) listed ?
Thanks for the info..great community here.
AP514
Scratch the term of a "native" VLAN - there is no such thing.
On a flat switch configuration, internally there is the VLAN 1 used (resp. pre-configured) - as long as it's used Untagged (each port is by default configured to VLAN 1 untagged, PVID1), it does never become visible outside of the switch. Similar the Management VLAN is pre-configured to VLAN 1.If using the switch in a flat network, it does not matter if this is 1, 83, 4001 ... or whatever. If you want to reach the management on that very same VLAN, the management VLAN must be set to that very same VLAN ID.
Explain us what concerns you have ref. security. To me, the idea to move it tastes like security by obscurity at most (if any).
Of course, you could consider to use a dedicated VLAN for the management for all you network devices. This requires a lot more infrastructure (router, DHCP server, potentially an additional SSID mapping to the management VLAN in the wireless APs if you desire wireless access).Looking to do something like this.(attached).To keep my Cams from AUTO Phoning Home.......
The Blue Iris-PC has the software to run my Cams. But it also needs to be able to get to the net for time stamps on Cams and VPN for veiwing Cams on my Phone when away...
I would also like to have only 1 Port as the Access for my MGT. Vlan to a PC. Say port 24
On a Side Note..I can use the Fiber Cable as a Trunk even though just 1 Vlan on it ATM ? or would LAG be better ?
(Maybe for another Post)
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
