NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

vasileiosg's avatar
vasileiosg
Aspirant
Jan 22, 2017
Solved

Multiple port tagging

Hello,   I have a complicated question so please bare with me for a moment.   I have an ESXi 6.5 host that is running a virtual Sophos UTM 9.4 appliance. I also have a Netgear GS108Ev3 managed sw...
Solutions
  • DaneA's avatar
    DaneA
    Feb 07, 2017

    @vasileiosg,

     

    Since you have confirmed that the PC where the ESXi 6.5 host which runs a virtual Sophos UTM 9.4 appliance is a VLAN-aware device, have you checked if tagging is enabled on the physical LAN adapter of the PC?  Kindly check this link as a guide on how to check it on your PC.

     

    Also, kindly post images of your actual network setup that especially shows the PC where the ESXi 6.5 host which runs a virtual Sophos UTM 9.4 appliance is connected to the GS108Ev3.  

     

     

    Regards,

     

    DaneA
    NETGEAR Community Team

DaneA's avatar
DaneA
NETGEAR Employee Retired
Jan 23, 2017

Hi vasileiosg,

 

Kindly answer the questions below:

 

a. Is the PC where the ESXi 6.5 host which runs a virtual Sophos UTM 9.4 appliance a VLAN-aware device? 

b. Is the virtual Sophos UTM 9.4 appliance the DHCP server of VLAN 2 on the virtual VLAN 2 network as well as with the physical VLAN 2 network?  Or, is there another DHCP server for the physical VLAN 2 network?

c. Since the physical devices on VLAN 2 communicate with each other, I believe that the PVID of VLAN 2 port members is set to 2.  How about on the virtual VLAN 2, is the PVID also set to 2?

 

 

Regards,

 

DaneA
NETGEAR Community Team

vasileiosg's avatar
vasileiosg
Aspirant
Jan 23, 2017

Hi,

 

thanks for your quick reply! 

 

a) The system is an E6540 laptop with ESXi. I haven't assigned a VLAN on the management port. I don't exactly know what you mean about VLAN aware device.

b) Yes the UTM is the DHCP server for VLAN 2. By the way you gave the question, you make me wonder if i have done something wrong though. I have assigned the VLAN 2 on a virtual machine type instead of a vmkernel. I have a feeling that this is my mistake. Let me look into it and come back to you in a couple of days...

  • vasileiosg's avatar
    vasileiosg
    Aspirant
    Jan 24, 2017

    Alright, so i decided to make my life a bit simpler so it is easier.

     

    I connected two physical devices A and B on port 1 and 2 on the switch.

    A got 192.168.0.1 (static)

    B got 192.168.0.2 (static)

     

    then i went to the switch and did the following:

     

    VLAN > 802.1Q > Advanced > Port PVID

    And i changed ports 1 and 2 to PVID 2.

    Then i went to VLAN > 802.1Q > Advanced > VLAN Membership and removed any VLAN on those ports except tagging VLAN2.

     

    I then tried to ping the two devices and i could not.

     

    • DaneA's avatar
      DaneA
      NETGEAR Employee Retired
      Jan 30, 2017

      vasileiosg,

       

      If ever the 2 physical devices are not VLAN-aware, ports 1 and 2 should be set as untagged ports on VLAN 2 with a PVID = 2.  

       

      Let me share this VLAN set-up example using a GS108Ev2 switch that I found online, click here and use it as a guide.  Hope it helps. 

       

       

      Regards,

       

      DaneA
      NETGEAR Community Team

      • vasileiosg's avatar
        vasileiosg
        Aspirant
        Jan 30, 2017

        Now i understand! OK i am going to test it over the weekend and come back to you, thanks a lot!

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More