NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Port based VLANs on GS108E
Greetings folks. I need some help here. I’m new to Netgear ProSafe as well as VLANs. The port based VLANs attracted me to the GS108E and I’m hoping I bought the right device.
Currently, I have the Verizon input and Comcast input totally separate. Comcast is for the private network and Verizon is for the public network. I can only remote into the Verizon modem/router on the public side and remote in to 2 PCs on the private side via JumpDesktop.
I have another location owned by the same person but I was able to convince her to use Untangle, which accomplishes what I need with very little effort. This will take a little more effort but the hardware/subscription cost is far less. Before Untangle, the sites were set up identically.
ASUS RT-N66U set up as dual WAN
ASUS RT-N66U DHCP enabled
Netgear ProSafe GS108E
Ports 1-5 VLAN 1 Private Network
Port 6 VLAN 2 Camera Network
Port 7 VLAN 3 Guest Network
Port 8 VLAN 4 MHH Network
VLAN 1 is for business operations. Backoffice PCs as well as POS terminals are on this network. I use JumpDesktop to connect remotely to Managers PC as well as Backoffice PC. From there, I want to be able access all the devices on all VLANs. I will manage the switch from one of the 2 desktops. It is imperative that this network remain secure for PCI compliance.
VLAN2 is for a Q-See NVR system as well as a Foscam camera. Right now, this is on the Verizon input side. I have port forwarding set up in the Verizon router to make these things accessible on the remote apps and a PC. This functionality needs to continue in the new environment.
VLAN 3 is the guest network. Free wifi is offered to customers. Right now, this network is on the Verizon input side. Other than keeping this separate from the other LANs, no other security is needed.
VLAN 4. This is the owner’s condo. I have a router/access point in there for internet access. Other than keeping this separate from the other LANs, no other security is needed.
So with this and the attached diagram, I’m looking for guidance. I have looked through the documentation and assigning ports to VLANs looks pretty simple. I would simply plug the numbers outlined above into the appropriate spaces.
Here’s where it starts to get above me. I’m not sure if I understand and if I need to assign ports to multiple VLANs based on my requirements. Then I’m really lost. With VLANs, are the devices on each one on a different subnet? If so, does the ProSafe handle DHCP?
Hopefully, I’ve provided enough info to start. I think this post is long enough. I really appreciate anyone taking the time to read all this and lend a hand.
Sorry for the delay. I ended up going with another Untangle. Thanks for the replies.
7 Replies
Hi t84a,
Welcome to the community! :)
The GS108E switch is not capable of being a DHCP server. In order to achieve your goal, you will need to replace the ASUS RT-N66U with a VLAN-aware router that will also handle the DHCP for each VLAN. Since you have a dual-WAN setup, I suggest you the FVS336Gv3 VPN firewall router. Kindly check its specifications on the data sheet here.
Regards,
DaneA
NETGEAR Community Team
Thanks. Can I replace the ASUS router and the Netgear GS108E with FVS336Gx3 and call it a day?
t84a,
You may replace the ASUS RT-N66U router together with the GS108E switch with an FVS336Gv3. However, you might want to consider this scenario: what if in the near future you need to add VLAN-aware devices like NAS or VoIP phones that needs port VLAN tagging. The FVS336Gv3 doesn't support VLAN tagging. You will need a switch that supports 802.1Q VLANs.
Regards,
DaneA
NETGEAR Community Team
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
