NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
MS510TXM need some general assistance with Routing config
Hello everyone! I'm running a MS510TXM with fw 1.0.5.10. I'm trying to get VLAN routing working and I'm having trouble. From all subnets/VLANS (tagged & untagged) I can see the gateway addre...
Hi Kurt!!
If you're an acapella music fan you probably know about The Real Group. They're from Switzerland too. Phenomenal! I saw them in the late 90's and was blown away!
Back to my issue. the VLANs are associated with my home lab and the ingress/egress point is from the 192.168.1.0 subnet. Most of my devices outside of my vms (NAS, vcenter & esxi mgt, etc) are on the 192.168.1.0 subnet, but I'm wanting to move them into specific VLANs based on function (management, data plane, etc.) and have them communicate with each other in the tagged environment as well as able to get to the Internet if I need them to.
I want the Lab routing to be handled by the smart switch. As you can see, most of them are in the 10.32.0.0 supernet and I have the internet router set with a static route pointing 10.32.0.0 to the management address of the switch (192.168.1.6.) on the switch side the route to 192.168.1.0 is pointed to 192.168.1.6 while the default route points to 192.168.1.1, the address of the Internet Asus wireless router.
I didn't see an option for setting a port to be access in the switch config. on the Tagged laptop, I set the VLAN ID on the ethernet adapter and was able to see other devices on that VLAN. for the 192.168.1.0 device, I just set a static address in that subnet with the gateway pointing to the switch.
Hope this helps!
BeatleManiac wrote:
If you're an acapella music fan you probably know about The Real Group. They're from Switzerland too. Phenomenal! I saw them in the late 90's and was blown away!
That would be Sweden ... Switzerland is slightly smaller my friend 8-)
BeatleManiac wrote:
I didn't see an option for setting a port to be access in the switch config. on the Tagged laptop, I set the VLAN ID on the ethernet adapter and was able to see other devices on that VLAN. for the 192.168.1.0 device, I just set a static address in that subnet with the gateway pointing to the switch.
Normal computers like workstations, PCs, ... are always operating on untagged, connected to an access port (VLAN Membership ID [U]ntaggd, PVID set to the same. This is regardless of the VLAN - this is why I started talking about that all your switch port re untagged and PVID 1, and some allow so tagged connections.
My apologies! Both beautiful mountainous countries!
Here is the Advanced adapter config for my laptop:
setting the VLAN here allows me to have the laptop talk on a Tagged network.
Yes, technically feasible - and the horror for IT security exposing multiple VLAN to workstation connections. That's why its not a great idea. If you need VLAN 10 on a port, then configure it as an access port with VLAN 10 [U]ntagged, PIVD 10 - and no other VLANs enabled on this switch port.
This is for a home lab, and the Lab Internet router is actually behind the main home Internet router, with a firewall between them. I'm not worried about security at this point. I'm just trying to duplicate most of the features of a corporate infrastructure for testing, cert prep, etc.
Back to my question though, what can I look at for insight into why I can't go from the untagged side to a tagged side? Traffic the other way seems to be flowing ok.
Steve Hurd
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
