NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Strange issue on GS108Ev3 with VLAN
Hello I've a GS108Ev3 with firmware V2.06.14EN.
I've configured Advanced 802.1Q VLAN and and this is the schema:
VLAN ID 1 with port 1,3,4,6,7 port 3 is tagged and is dedicated to the firewall and the other ports are untagged with pvid 1
VALN ID 2 with port 3,8 (port 3 is tagged and 8 untagged with vpid 2)
VLAN ID 3 with port 3,5 (port 3 is tagged and 5 untagged with vpid 3)
VLAN ID 10 with port 2 untagged with vpid 10
My problem is that if I connect a laptop on the port 2 (VLAN 10) if I put on it the same class range ip of VLAN 1,2,3 I can ping the other pc on the respective lans.
Can you help me to understand why?
Any help is appreciated.
Bye,
Shalimano
Just the ubiquitous advice: Re-flash firmware, factory reset, and reconfigure from scratch again.
4 Replies
shalimano wrote:VLAN ID 1 with port 1,3,4,6,7 port 3 is tagged and is dedicated to the firewall and the other ports are untagged with pvid 1
VALN ID 2 with port 3,8 (port 3 is tagged and 8 untagged with vpid 2)
VLAN ID 3 with port 3,5 (port 3 is tagged and 5 untagged with vpid 3)
VLAN ID 10 with port 2 untagged with vpid 10The 802.1q VLAN scheme looks ok to me, permitting it's implemented as documented...
shalimano wrote:My problem is that if I connect a laptop on the port 2 (VLAN 10) if I put on it the same class range ip of VLAN 1,2,3 I can ping the other pc on the respective lans.
...this should not be possible, indeed. The VLAN 10 is an isolated VLAN on it's own.
Just for curiosity, the notebook does not have WiFi active and the ping does go over the backdoor channel and the router?
schumaku wrote:
shalimano wrote:VLAN ID 1 with port 1,3,4,6,7 port 3 is tagged and is dedicated to the firewall and the other ports are untagged with pvid 1
VALN ID 2 with port 3,8 (port 3 is tagged and 8 untagged with vpid 2)
VLAN ID 3 with port 3,5 (port 3 is tagged and 5 untagged with vpid 3)
VLAN ID 10 with port 2 untagged with vpid 10The 802.1q VLAN scheme looks ok to me, permitting it's implemented as documented...
shalimano wrote:My problem is that if I connect a laptop on the port 2 (VLAN 10) if I put on it the same class range ip of VLAN 1,2,3 I can ping the other pc on the respective lans.
...this should not be possible, indeed. The VLAN 10 is an isolated VLAN on it's own.
Just for curiosity, the notebook does not have WiFi active and the ping does go over the backdoor channel and the router?
Thank you for the answer.
The laptop is not wifi connected and when I unplug the cable on port 2 the ping fail.
Just the ubiquitous advice: Re-flash firmware, factory reset, and reconfigure from scratch again.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
