Jul 02, 2024
Solved

Netgear GS308EP

I'm having the same issue as described in:

https://community.netgear.com/t5/Insight-Managed-Smart-Cloud/Can-t-reach-GUI-on-GS308E-over-VLAN-trunk-port/td-p/2291953

 

But what's puzzling to me is...if I'm not able to access the management port from off subnet, what is the point of the Access Control panel where I can select IPs/IP-ranges with subnet masks??

 

Thanks in advance for your time...

  • When the same is not the same... It appears fellow BrianL was responding correctly to the thread referred to.

     

    Most of these Plus switches like the GS308EP are built on unmanaged cores with a tiny uC added to implement the NSDP Protocol (for the legacy Prosafe Plus Configuration Utility - don't worry, the config options are disabled by default due to a non-mitigatable risk in this L2 protocol, only the discovery feature remains active) and the basic IP stack with the HTTP-only Web-UI to configure some of the control bits on the switch.

     

    The uC IP stack does not support tagged, but only untagged IP frames, but it does support IP subnetting and (if I'm not wrong) handles the default gateway correctly [this is why you see the ACL controls for IP addresses and subnet masks]; however, it lacks Path MTU Discovery (PMTUD) [this denies using e.g. any VPNs or the like, as the uC IP stack only deals with the complete default Ethernet MTU].

     

    I hope this gives you some of the bigger picture of what you got here with these inexpensive switches.

    Regards,

    -Kurt. 

     

    PS. I'll request a moderator to move this thread to the appropriate Plus And Smart Switches Forum to discuss Smart Switches (T) and Plus Switches (E), including Local and Remote Management.
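Added example, not part of the original thread and not NETGEAR firmware code: a simplified Python model of the behaviour the reply above describes, where a management stack ignores 802.1Q-tagged frames and checks untagged IPv4 sources against an access list of address/mask entries. The function names, the ACL entry and the frames are constructed for illustration; only the management IP 10.0.100.2 and VLAN 100 come from the thread.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100      # EtherType value that marks an 802.1Q VLAN tag
ETHERTYPE_IPV4 = 0x0800


def build_frame(src_ip, dst_ip, vlan_id=None):
    """Build a constructed Ethernet frame with a minimal IPv4 header."""
    macs = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    tag = b"" if vlan_id is None else struct.pack("!HH", TPID_8021Q, vlan_id & 0x0FFF)
    ip_header = struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
        ipaddress.IPv4Address(src_ip).packed,
        ipaddress.IPv4Address(dst_ip).packed,
    )
    return macs + tag + struct.pack("!H", ETHERTYPE_IPV4) + ip_header


def mgmt_accepts(frame, allowed):
    """Return (accepted, reason) for a frame reaching the modelled management stack."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype == TPID_8021Q:
        # A tag sits where the stack expects the EtherType, so the frame is dropped.
        (tci,) = struct.unpack_from("!H", frame, 14)
        return False, f"tagged frame (VLAN {tci & 0x0FFF}) ignored"
    if ethertype != ETHERTYPE_IPV4:
        return False, "not IPv4"
    if len(frame) < 14 + 20:
        return False, "truncated"
    src = ipaddress.IPv4Address(frame[14 + 12:14 + 16])
    for net in allowed:
        # Entries use address/mask form, as in the switch's Access Control panel.
        if src in ipaddress.ip_network(net, strict=False):
            return True, f"{src} permitted by {net}"
    return False, f"{src} not in access list"


if __name__ == "__main__":
    acl = ["10.0.20.0/255.255.255.0"]          # constructed ACL entry
    samples = [                                # constructed frames
        build_frame("10.0.20.5", "10.0.100.2"),               # routed, untagged
        build_frame("10.0.20.5", "10.0.100.2", vlan_id=100),  # same source, tagged
        build_frame("10.0.30.9", "10.0.100.2"),               # untagged, not listed
    ]
    for frame in samples:
        print(mgmt_accepts(frame, acl))
```

In this model an off-subnet client is admitted only when its routed traffic reaches the management address untagged and its source matches an access-list entry.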

8 Replies

      BrianL
      NETGEAR Moderator

      Hi obrennang,

       

      Welcome to the Community!

       

      As described in the above thread, the port 1 is tagged/trunked in both Management VLAN 1 and secondary VLAN 15. Since Port 1 PVID has defaulted to 1, there's no need for tagging it in the said management VLAN. Put it back to Untagged and in the said port the traffic passing through will be both VLAN 1 and 15.

       

       

      Kind regards,

       

      BrianL


      obrennang
      Tutor

      Makes sense to some degree (new to VLANs), so apologies if my follow-up questions make no sense.

       

      I'm connecting the Netgear to a Fortigate router with configured VLANs: 100, 20, 30, and 33. I've reconfigured the netgear management interface to use IP 10.0.100.2 (VLAN 100 on Fortigate), and then I set port 1 as the TRUNK port (so that all Fortigate VLAN traffic flows to Switch with tagged VLANs). Sounds like I should leave PORT #1 alone, and instead use another port for TRUNK? And "maybe" the management IP should not be in a VLAN??

       

      Goal is to be able to manage the switch remotely from other subnets/computers on my home network. 

       

      Thanks again for your time. 

        obrennang
        Tutor

        Another thought...maybe my issue is having placed the Mgmt IP on a VLAN at all?

         

        Perhaps having the Management IP be a part of the Fortigate (non-VLAN) subnet would allow me to reach the Management interface after trunking port #1 and connecting Fortigate port to port1 on netgear??
