NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
BR500 Issues and Feedback.
Been looking forward to the BR500 release for some time now and finally just procured one through Powershift Eval.
First impressions:
DHCP Servers and VLAN setup through Insight got my blood ...
VLANs are rather easy to setup but only in standalone mode at the moment. Insight kept having bugs where it wouldn't allow me to add/remove them very easy. It actually created a duplicate VLAN and then I couldn't get rid of it. Not quite sure what the deal was there.
In standalone mode, go to the "Advanced" tab and on the left Menu is a button for VLAN. Pretty easy. I'm running (4) of them without issue.
Thanks for your reply Mike!
However my question was not if it supported VLANs.
It was more if firewall rules between VLANs (with port restrictions) are easy to configure and work.
I just ask this specifically because I had some bad experiences with this in the past.
Give me an example and I will give it a shot and let you know :)
Hi Mike,
Thanks for being so awesome to help in this, because I could not find it in any documentation online so far!
These are just examples of tests you could do:
Test one:
You have one VLAN and another with an http server running on it. Now add a firewall rule that blocks all traffic.
Check if they indeed can't reach eachother. Then add another rule that only allows HTTP. Check if you can reach the HTTP server.
Test two:
Let's say between 2 VLANs you block all icmp traffic. Ping on clients on VLAN 1 to clients on VLAN 2 should fail from both sides.
Now you only block icmp from VLAN 2 (with pc 1) to VLAN 1 but not in reverse, this should mean the ping request starting from a client on VLAN 1 reaches a client on VLAN 2 (sniffable) but the reply doesn't come back through. Check if this is the case.
These are however just indications of tests. If you know other tests that are easier to check firewall rules with ports in your setup feel free to do so.
Thanks a lot !!!!
Thorwald
Might take a bit for me to get around to, but usually that has to do with allowing VLAN interweaving which you can turn on and off between the VLANs. A lot of that also depends on the switches you use, if any.
Right now, I'm only using one LAN port with a bunch of cascaded switches and none of my VLAN traffic is able to see any other VLAN traffic. I have it set that way so that on my one VLAN, that's where all my client machines that have infections get connection to the internet and I can't afford to have them infect the rest of my network. Also, I'm running a bunch of GS110TP switches that support VLAN tagging and routing, so even at the switch level, I am covered.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
