NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Lippert's avatar
Lippert
Aspirant
Nov 08, 2018

One firewall creating multiple networks that can not see eachother

I would like to configure a network like this:   Using the SRX5308 firewall and a netgear switch with VLAN support.  This should be simple, but i can not find any way in the manual of th...
Hardware
Security
Solutions
schumaku's avatar
schumaku
Guru - Experienced User
Nov 09, 2018

https://www.netgear.com/support/product/SRX5308.aspx

 

Attention:

NETGEAR Inc. will terminate the ProSAFE VPN Firewalls on September 1, 2017. The last software update for these products was provided in April 2017. NETGEAR Inc. will continue to honor valid warranty claims for all ProSAFE VPN Firewall devices purchased from an authorized reseller. To complete the full exit from the product line, NETGEAR Inc. will no longer provide ProSAFE VPN Firewall software support or subscription updates for any ProSAFE VPN Firewall devices after September 1, 2017.

 

Also on the page you referred:

 

 

 

Netgear has recently launched the BR500 router ... what appears to be a small step into the right direction. Lack of personal experience with this device, I refuse to suggest getting one here. As of writing, it appears to be point solution for some K.I.S.S. VPN connection between different sites, plus some...

  • Lippert's avatar
    Lippert
    Aspirant
    Nov 09, 2018

    You're right. the BR500 is the new one, however i still don't see any evidence that it's able to do the required job.

     

    Which leaves me with my quesiton still standing. Any input would be highly appreciated.

     

    • schumaku's avatar
      schumaku
      Guru - Experienced User
      Nov 09, 2018

      Can you please line-out the "networks that can see each other" in some more words and applications?

       

      Pure routing is one thing - leaving the performance alone, it's relatively easy to achieve. Lots of Apps and IoT require the devices to be in the very same TCP/IP subnetwork - device discovery, service announcements, ... often depends on plain IPv4 broadcast, sometimes some very-magic L2 is used ... and even the Bonjour stuff does often not work over different L2 segments and subnets.

       

      From discussions and presentations with NTGR people ref. the BR500 we discovered that some features are not covered by the documentation (the initial User Manual), and probably other tech features from the marketing list might be not available initially. Thus it's all a little bit digging in the dark.

      • Lippert's avatar
        Lippert
        Aspirant
        Nov 09, 2018

        What i mean is Two seperate networks. So they will act as they are independent networks going out to the internet seperately but through one firewall. 

        Pretty much as the drawing shows. Devices on one network are under no circumstances able to send or receive traffice from other networks without going out through the firewall and hitting the internet first.

         

        I just went through the BR500 manual, but it doesn't really show any such configurations. There is a bit aobut firewall rules and VLAN setup but not enough to clearly give an indicatio if the illustrated setup above is possible. 

         

        Otherwise i'll have to go with a Cisco AR box as that clearly has the capability.

         

        BR

        Kristoffer

         

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More