ayeiebrazo (Aspirant)
Apr 12, 2022
Multiple GS724v4 VLAN configuration
Hi there community! OK, we have a couple of GS724v4 switches providing the network infrastructure of our development environment. Both are connected to a firewall on aggregated links. There are three zones on the firewall on three distinct network subnets (dev, staging and DMZ). Everything works fine: I can stop one of the interfaces connected to the aggregated link and the VMs are still able to communicate with the corresponding gateway without issues using the default VLAN on the switches, but this is not providing a true segregation of networks.
The problem arises when I try to move some ports to a different VLAN. Attachment one shows the actual network scheme. As soon as I move ports 19 to 22 to a dedicated VLAN (500, created to manage the DMZ zone), the VMs are not able to communicate with machines on the other switch, and that is the reason I'm looking for your help. Ports 25 and 26 are fiber connected and configured as LAG 1 on both switches.
Again, the VMs are able to communicate between switches as long as they are attached to the default VLAN; they stop as soon as I remove the untagged from VLAN 1. I followed this guide https://kb.netgear.com/8898/How-do-I-set-up-one-or-more-VLANs-between-a-NETGEAR-ProSAFE-firewall-and-a-smart-switch, tested the example configuration in the GS724 admin guide and applied some suggested configurations I found in the community support forum without obtaining the desired results. The second attachment shows the current PVID configuration. What am I missing?
Both the switches are GS724Tv4 ProSafe 24-port Gigabit Ethernet Smart Switch, 6.3.1.39, B1.0.0.4
Thanks in advance!
5 Replies
- ayeiebrazo (Aspirant)
- ayeiebrazo (Aspirant)
Sorry community, I cited the wrong Netgear guide, this is the correct one: https://kb.netgear.com/11673/How-do-I-setup-a-VLAN-trunk-link-between-two-NETGEAR-switches
- schumaku (Guru - Experienced User)
When I get things right, there are four LAGs (three aggregation pairs, plus the LAG connecting the two switches).
So two points seem to be missing:
Dedicated LAGs for the aggregation (in addition to the switch interconnect LAG), and
The VLAN membership config and PVID assignment for each network on the LAG level (instead of the single ports).
- ayeiebrazo (Aspirant)
Hi schumaku, thank you for your time. Sorry, maybe the scheme is not clear. In the actual configuration just ports 25 and 26 belong to a LAG, so I just configured one LAG. The aggregated links are on the firewall side, which is not a Netgear one. On the switch side I have a single port dedicated to the aggregated link on each switch. So ports 1, 2 and 19 on switch 1 are receiving a cable from the firewall (one per subnet) and the same on switch 2.
Anyway, what I understand from you is that I need a different configuration between the switches. Could a configuration like the one in the attached scheme work? Port 22 would be dedicated to the VLAN 500 exchange.
I'm not sure I understand your second suggestion. I found in some article that LAG VLAN must be configured at port and LAG levels. So, for example, I should configure the VLAN/PVID membership on port 22 and on LAG 22, is that correct? In that case, could the interswitch link (ports 25 and 26 in my scheme) also be used for multiple VLANs?
Thanks again,
A.