NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
VLAN on Netgear GS324TP
I want to span two different WLANs (based on Ubiquity-APs) both using the guest port of a Fritz!Box for Internet access. Let's say these VLANs have ID 200 and 300. IOn my Netgear GS324TP I defined t...
The FritzBox is not VLAN-aware. Instead, you can have ports for the normal LAN plus one for the guest LAN port connected to dedicated VLANs. To assign these to a defined VLAN, configure these like access ports, for example
First, create two VLANs, 200 and 300 as per your design
One port for connecting the FritzBox normal LAN port [U]ntagged for VLAN 200, PVID set to 200
A different port for connecting the FritzBox guest LAN port [U]ntagged for VLAN 300, PVID set to 300
Needless to say, for the wireless access points define a trunk port carrying VLAN 200 and VLAN 300 [T]agged mapped on the access points to the two relevant SSIDs.
Correct: On the same port, only one VLAN can be carried untagged for the obvious reason.
PS The GS324TP is a Smart Switch, thus I'm requesting a moderator to move this thread away from managed Switch section to the appropriate Plus And Smart Switches Forum section to discuss Smart Switches (T) and Plus Switches (E), including Local and Remote Management
Thanks for explanation! This is exactly what I understood.
But concerning On the same port, only one VLAN can be carried untagged for the obvious reason. (which I did to span two WLANs on the guest port of the Fritz!Box): This works ( on both WLANs I have Internet access) - so: What are the obvious reasons?
Thanks - Michael
This is not what I had described above. The two physical ports make up different VLANs but implemented as untagged access ports each is fine.
Or do you talk of two SSIDs mapped to two tagged VLAN on the access points mapped to the same physical port? This can't work. The PVID config on the port does define to which VLAN the untagged frames will be assessed ciateed. And this can be only one.
Both the guest and the normal LAN can provide Internet access over the NAT router.
Sho us some screenshots of what you have configured please.
Thanks!
I attached my complete configuration. Port 23 is connected to the guest port of the Fritz!Box and VLAN 200 and 300 handle two different WLAN-SSIDs (implemented via Ubiquiti-APs).
I understand that this should not work, but: Devices connected to either of both WLANs have Internet access through port 23 (their IP-address is in the range of the FB guest network [192.168.179.x]).
This in general is what I want/need but I am not sure if this only works by error and if both WLANs are really separated.
Michael
Michael,
Ganz kurz in Deutsch, die Anglosachsen werden es uns verzeihen (oder auch nicht).
Mit einer FritzBox: Mir erschliest sich nicht wie, ab einer FritzBox (mit einem LAN und einem Gast-LAN) nicht weniger als vier Netzwerke/VLAN 1,100, 200, 300 reaisiert werden sollten.
Fröhliches Raten: FritzBox LAN Ports (drei oder vier, je nach Modell) hängen auf Port 22 (VLAN 1, untagged), Port 24 (VLAN 100, untagged), vielleicht auch Port 21 (VLAN 1, untagged), und dazu noch das VLAN-mässig fälschlicherweise überbelegte Gast-LAN auf Port 23.
Das Gast-LAN ausschliesslich als eigenes Netzwerk (Subnetz 192.168.179.x/24), als VLAN 200 auf dem Port 23 übernommen werden.
Wenn man dann Wireless Access Points integriert, kann man durchaus auch SSIDs für die vier Netzwerke Default (VLAN 1), Intern (VLAN 100), Gast (VLAN 200) und Kantine (VLAN 300) realisieren - auch wenn 1, 100 und 300 auf dem selben IP Subnetz laufen, und nur das Gast auf 200,
Unbedint aufräumen! Hilft das so mal weiter?
Grüsse aus der Schweiz!
-Kurt
NETGEAR Academy
Steigern Sie Ihre Fähigkeiten mit der Netgear Academy - Lassen Sie sich schulen, zertifizieren und bleiben Sie mit der neuesten Netgear-Technologie auf dem neuesten Stand!
Machen Sie mit!
ProSupport for Business
Umfassende Supportpläne für maximale Netzwerkverfügbarkeit und geschäftliche Sicherheit