NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Orbi Pro SXK80 Not Using Insight VLAN?
Topology:
* Cable modem
** Orbi Pro SXR80 (router)
*** Netgear GC108PP (switch)
*** Orbi Pro SXS80 (satellite AP, wireless backhaul to SXR80)
The router, switch, and satellite are all managed by Insight. I upgraded to the Orbi Pro from previously using two WAC510s and an unmanaged router.
I originally wanted to just get the Insight Business Router, but Netgear killed that off, so Orbi Pro was the only Insight-manageable router option.
Problem is that it appears that the SXR80 (router) is off in it's own world... Networks, VLANs, etc. set up for Insight globally aren't visible to the SXR80. Similarly, SSIDs set up by the SXR80 are not able to be associated to Insight VLANs.
I've been able to work around this by effectively having two sets of VLANs (one for the SXR80 and one for Insight) that use the same VLAN ID tag, but that to me is asking for trouble and also means the replacing an SXR80 requires manual reconfiguration instead of just pulling down a global config from Insight... Is this expected behavior?
Also, why is the initial SSID on the SXR80 hard-linked to the built-in Default/Admin VLAN 1 that I can't disable or even hide? Are small businesses exempt from the most basic network security practices?
* Cable modem
** Orbi Pro SXR80 (router)
*** Netgear GC108PP (switch)
*** Orbi Pro SXS80 (satellite AP, wireless backhaul to SXR80)
The router, switch, and satellite are all managed by Insight. I upgraded to the Orbi Pro from previously using two WAC510s and an unmanaged router.
I originally wanted to just get the Insight Business Router, but Netgear killed that off, so Orbi Pro was the only Insight-manageable router option.
Problem is that it appears that the SXR80 (router) is off in it's own world... Networks, VLANs, etc. set up for Insight globally aren't visible to the SXR80. Similarly, SSIDs set up by the SXR80 are not able to be associated to Insight VLANs.
I've been able to work around this by effectively having two sets of VLANs (one for the SXR80 and one for Insight) that use the same VLAN ID tag, but that to me is asking for trouble and also means the replacing an SXR80 requires manual reconfiguration instead of just pulling down a global config from Insight... Is this expected behavior?
Also, why is the initial SSID on the SXR80 hard-linked to the built-in Default/Admin VLAN 1 that I can't disable or even hide? Are small businesses exempt from the most basic network security practices?
1 Reply
Mortiel wrote:
...
** Orbi Pro SXR80 (router)
*** Netgear GC108PP (switch)
*** Orbi Pro SXS80 (satellite AP, wireless backhaul to SXR80)
The router, switch, and satellite are all managed by Insight. I upgraded to the Orbi Pro from previously using two WAC510s and an unmanaged router.
...
Problem is that it appears that the SXR80 (router) is off in it's own world... Networks, VLANs, etc. set up for Insight globally aren't visible to the SXR80. Similarly, SSIDs set up by the SXR80 are not able to be associated to Insight VLANs.Something basically wrong. The SXR80 should only allow read-only access to the VLAN config, and must not allow local VLAN configuration if Insight-managed. Appears the SXR local Web UI does still not do this properly.
Mortiel wrote:
I originally wanted to just get the Insight Business Router, but Netgear killed that off, so Orbi Pro was the only Insight-manageable router option.Yes, Netgear offered Orbi Pro WiFi 6 (SRX30 to be correct) in replacement for the (political, not technical) ill-fated BR500 and BR200 Insight-router back then.
Times have changed, Netgear has released the Pro Router (PR60X) 10G/Multi-Gigabit Dual-WAN Pro Router with Insight Cloud Management in the meantime.
Mortiel wrote:
Also, why is the initial SSID on the SXR80 hard-linked to the built-in Default/Admin VLAN 1 that I can't disable or even hide? Are small businesses exempt from the most basic network security practices?The idea - caused by a almost historical problem on many older Cisco devices - does not go out of peoples minds. There was a time these devices silently accepted the VLAN 1 tagged on a trunk, as it was in use for all kinds of global traffic - and it was back then not possible to change this Cisco Native VLAN where all control traffic was flowing out -and- in uncontrolled.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
