NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
VLAN Sanity check for GS105Ev2
Hi after some digging/reading I think I have my switch setup correctly for the most part. Hoping someone can verify my configruation is correct for what I want to accomplish which is VLAN isolation a...
Hello schumaku ,
Thank you kindly for your reply.
I am afraid I do not fully understand what you are trying to say in regards to needing another port?
I may be misunderstanding how the switch should be set up? I do have a complicated network but it works well. I have an NVR surveillance camera system on this switch (Port 4, VLAN 60) that I do not trust and is why I want it isolated from the other VLANS.
Port 1 of the switch is plugged into the router NIC and I have NOT created a VLAN 1 in the router. I thought I read that in this scenario at the very least Port 1 has to be untagged on VLAN 1. Is this correct? I only untagged Port 2 on VLAN 1 because I thought it was the only way to access the web gui for the switch from VLAN 50. After reading your reply I do understand now that Port 2 on VLAN 1 does not need to be tagged or untagged. I went ahead and left Port 2 on VLAN 1 empty and can still access the switches web gui, so thank you.
Could you recommend specific changes I should make on the switch at this point?
Also, since Port 1 is attached to the router and I have no VLAN 1 setup in the router, should Port 1 VLAN 1 be tagged, untagged, or empty? Or should I create a VLAN 1 in the router and tag Port 1 VLAN 1 and leave the rest of the Ports on VLAN 1 empty?
Nothing overly complex, nice four VLAN set-up! If you don't use the VLAN1 on the security appliance - you can keep it untagged towards the security appliance - what's the point?
As mentioned before, there is no management VLAN design on most Smart Managed Plus.
If you had a switch like a Smart Managed Pro or Managed class (or some 10G Smart Managed Plus model), there would be a management VLAN you could freely configure. And I would assume you d'take it to the VLAN 50 where your management station is (I guess also for the pfsense).
When the network is growing - currently it looks you fan-out the four VLANs to four untagged ports and dedicated hardware (that's why you have the four VLAN ports untagged, right?) you would run VLAN trunks to the next switch, configured very similar to the port connecting to the pfsense.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
