NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
VLAN trunk with WAP
I'm trying to get VLANs working with my wireless access point. I have my firewall/router plugged into port 1 on the switch and have 6 VLANs setup on the firewall/router. On the switch I have VLAN 1 a...
schumaku wrote:
Kingrazor001 wrote:
schumaku wrote:
Kingrazor001 wrote:
I tried applying VLAN ID 5 to a port untagged with port 1 tagged and PVID of 5 on that port and it worked.The test port must be VLAN ID 5, Untagged, PVID 5.
The test port must be VLAN ID [2..6], Untagged, PVID [2..6] mor generic for the other VLANs.
So it looks like VLAN trunking isn't supported. If that's the case, I'd need to have one SSID per WAP to use VLANs with this switch. Right now all WAPs have all SSIDs. Guess I need a new switch.
Nope, no new switch. Just a slightly flat learning curve on VLANs, and thier troubleshooting.
I'm asking you to set-up a non-trunked port for a test system - and move this through all the VLANs required - like this we can ensure the VLAN work appropriate between the switch and the router.
Look, >95% of the issues are on the router/VLAN/IP subnet/DHCP configuration side, and not on the L2 switches. And when I read above that you have two untagged VLANs configured on a port, that's the guaranteed start into a disaster.
I have it working now. I apparently attached the VLANs on the router to the WAN port instead of the LAN port.
schumaku wrote:
To start with troubleshooting, configure a test port on the switch dedicated for each VLAN (samle VLAN ID and PVID) [U]ntagged and connect a computer there - it should get an IP address bc DHCP for that subnet, and be able to ping the related default gateway, and (depending on the firewall rules) reach the Internet or some internal LAN.
This worked. I tested by first untagging port 24 on VLAN 2 and connected a computer to it. No IP. Then I tagged that port. Still no IP. Then I changed the PVID for that port from 1 to 2 while the port was untagged. That worked and I got an IP from the correct subnet.
What I don't know though is how to configure this port as a trunk port and have multiple VLANs assigned to it, since you can only assign one PVID to each port.
Great, you started testing and experiencing - exactly what I expected.
Now there is a little error in the config - the PVID does define the VLAN untagged incoming packets are assigned to Define the test port to VLAN ID 2 [u]ntagged, and PVID 2 - and a normal computer (not VLAN aware) will work straight away.
If these test ports are fine, you can have an eye on the WAC trunk port - all the VLANs (except of the base one which you might want or have to keep untagged for the WAC administration) must be [t]agged, only the base VLAN is [u]ntagged and PVID.
schumaku wrote:
Great, you started testing and experiencing - exactly what I expected.
Now there is a little error in the config - the PVID does define the VLAN untagged incoming packets are assigned to Define the test port to VLAN ID 2 [u]ntagged, and PVID 2 - and a normal computer (not VLAN aware) will work straight away.
If these test ports are fine, you can have an eye on the WAC trunk port - all the VLANs (except of the base one which you might want or have to keep untagged for the WAC administration) must be [t]agged, only the base VLAN is [u]ntagged and PVID.
Ok, but how do I assign multiple VLANs to a port other than port 1? So far when I try, it doesn't work. Tagged or untagged.
By going over the VLAN ID required, marking each VLAN tagged on the port (or the LAG) - VLAN Membership ... select the VLAN ... and mark port(s) and/or LAG as [T]agged or [U]ntagged for example?
Does this switch not support multiple VLAN trunk ports?
I have the WAP plugged into port 3. I have all VLANs tagged on port 3. But, I can't get an IP address on any of my tagged SSIDs.
I would assume even these Smart Managed Plus switches do - I'm not familiar with the JGS524PE model. Does it have a full Web UI including the VLAN config in switching, or do you have to use the ProSafe Plus Configuration Utility?
VLAN -> 802.1Q -> Advanced 802.1Q -> VLAN Configuration
VLAN -> 802.1Q -> Advanced 802.1Q -> VLAN Membership
If these config options are available, I would assume it does work accordingly.
Could still be a config problem of the switch ports, being the trunk to the security appliance, being the trunk to the WAC, being the WAC itself.
Edit: The switch firmwae is anywhere near to the current one as from the JGS524PE model downloads https://www.netgear.com/support/product/JGS524PE.aspx#download ?
Sorry for my confusion before, I had a different switch family in mind.
Regards,
-Kurt
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
