Hi All,Example Scenario using the equipment in the title to share internet and a network printer:7 vlans with their own ip range (dhcp served by router)Vlan 1-5 on Switch A connected via Switch Port 1 to Router Port 1Vlan 6 on Switch B connected via Switch Port 1 to Router Port 2Vlan 7 on Router Port 3Vlans 1-3 and 6, 7 need internet accessVlans 1,2, 7 need access to printer on Switch A Port 2Where does inter vlan networking need to be enabled to allow separate vlans to access the network printer in its own seperate vlan but -- not communicate with eachother.If inter vlan networking needs to be activated in each vlan, what stops the vlans from communicating with eachother?Thanksthe_e

inter vlan and/or VLAN rules both are in fvs318N

Hi June,Thanks for the answer.I know that there is the option to select "Enable Inter VLAN Routing" at the end of the "Edit VLAN profile".The FVS318n -- Firmware version 4.2.0-14 -- does not appear to have a menu for VLAN rules.It would still be nice to know where inter vlan routing needs to be activated -- 1) In the vlan that connects the router and the two switches together?2) In the vlan where the printer would be?3) In each of the other vlans that need to print?4) If inter vlan routing is enabled in the vlans -- in the example 1,2,7, and 4 (printer in 4) -- what stops 1,2,7 communicating with eachother?Regardsthe_e

inter vlan will fully make both vlan to communicate so if you want only single device to be accessed from other vlan then use vlan profile and specify specifics.

That is where I am having problems getting my head around it. There would only be one PC in each of vlans 1, 3, 7, one network printer in Vlan 4. If I understand you correctly Inter vlan routing needs to be activated on 1,3,4,7. That means that vlan 1, 2, 3, 7 will all print on vlan 4. Vlan 1 will not see Vlan 2, 3, 7 -- correct?I would probably need another trunk vlan with its own ip subnet containing the router and the two switches. Let's call it vlan 8. VLan 8 would contain ports 1, 2 on the router and NOT have inter vlan activated?

intervlan on each will OPEN to all access to network devices each other.you need to create mutlple vlan profile to for each vlan to reach ex vlan 4's single printer IP etc..

FVS318n and 2 GS108ev2 Switches | NETGEAR Communities

19 Replies

jmizoguchi
Virtuoso
Nov 28, 2012
inter vlan and/or VLAN rules both are in fvs318N
the_e
Aspirant
Nov 28, 2012
Hi June,
Thanks for the answer.
I know that there is the option to select "Enable Inter VLAN Routing" at the end of the "Edit VLAN profile".

The FVS318n -- Firmware version 4.2.0-14 -- does not appear to have a menu for VLAN rules.

It would still be nice to know where inter vlan routing needs to be activated -- 1) In the vlan that connects the router and the two switches together?
2) In the vlan where the printer would be?
3) In each of the other vlans that need to print?
4) If inter vlan routing is enabled in the vlans -- in the example 1,2,7, and 4 (printer in 4) -- what stops 1,2,7 communicating with eachother?
Regards
the_e
jmizoguchi
Virtuoso
Nov 29, 2012
inter vlan will fully make both vlan to communicate so if you want only single device to be accessed from other vlan then use vlan profile and specify specifics.
the_e
Aspirant
Nov 29, 2012
That is where I am having problems getting my head around it. There would only be one PC in each of vlans 1, 3, 7, one network printer in Vlan 4. If I understand you correctly Inter vlan routing needs to be activated on 1,3,4,7. That means that vlan 1, 2, 3, 7 will all print on vlan 4. Vlan 1 will not see Vlan 2, 3, 7 -- correct?

I would probably need another trunk vlan with its own ip subnet containing the router and the two switches. Let's call it vlan 8. VLan 8 would contain ports 1, 2 on the router and NOT have inter vlan activated?
jmizoguchi
Virtuoso
Nov 29, 2012
intervlan on each will OPEN to all access to network devices each other.

you need to create mutlple vlan profile to for each vlan to reach ex vlan 4's single printer IP etc..
the_e
Aspirant
Nov 29, 2012
On the FVS318n, I can set inter vlan networking on each separate vlan. I can set which ports on the router belong to each vlan, the ip range, dhcp. There are no lan to lan firewall rules.

On the switches, I can tag and untag ports for each vlan.

This cannot be a unique set-up -- it is just a router, 2 switches, a few vlans and a shared network printer.

What is the point of vlans if enabling inter vlan networking allows everyone everywhere?

If the FVS318n cannot handle this, what would I need?
jmizoguchi
Virtuoso
Nov 29, 2012
I don't own this model personally so I can't tell if GUI has as mine but isn't here VLan rules next to other WAN-LAN rules,etc?
the_e
Aspirant
Nov 29, 2012
Unfortunately not. The menus under Security, Firewall are:
LAN WAN Rules; DMZ WAN Rules; LAN DMZ Rules; Attack Checks; Session Limit; Advanced

Does this mean I need to change the FVS318n for something better?
jmizoguchi
Virtuoso
Nov 30, 2012
srxn or prosecure UTM series is what you want

you can still use inter vlan on fvs318N but i will basically open entire network to commotion across the vlan but that is not what you wanted to do
Daedalus01
Aspirant
Nov 30, 2012
When did the 3205 get VLAN June? I think he means the SRX5308 and not the SRXN3205. The 5308 is my next router when I stop buying switches, servers, and NAS devices. Also, on the GS108E, you can use static VLAN ports to make the printer on one VLAN, make all the other VLANS able to access that VLAN but not each other. That way you don't have to buy any new equipment, but wheres the fun in that?