NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Can't access admin after enabling VLAN
Hello everyone This is the first time ever I used VLAN and so far I did achieved what I needed by enabling, but I lost access on admin account. after entering correct ip address in my browser it w...
ok so I was able to access admin trough Ethernet cable connected directly to router, but not through WiFi VLAN. anyways it's strange why I can't get connected to admin when connected rough wifi.
NEDi --
I'm not 100% familiar with NetGear, but as far as networking goes, you need to set a specific VLAN (default is generally VLAN ID 1) as your "Admin" VLAN, then you need to either Tag or Untag a port for that specific VLAN.
You can also Trunk a port to include all VLAN's by Tagging all VLAN's for that specific port.
I know a lot of this is confusing, and I'm probably not helping that fact, but I hope some of this helps!
Is there any specific reason why you are wanting to VLAN off a 4 port router? We use VLAN's on switches for our clients when we're wanting to route specific data to certain ports, but block that information from other ports, yet have all of that information touch Trunk port(s). Basically creating a second, third, fourth, etc etc etc switch virtually (get it?! Virtually - VLAN ha!)
thanks for your reply it kinda gave me an idea what I did wrong.
so the idea is to have WiFi on VLAN is to give users access only to internet and local network printer and not to be able to see rest of the network conected computers and servers, which I have them also connected to TZ600 trough smart managed Netgear Switch. so this is how it looks like: Fiber Modem>TZ600>R8500 (WiFi)/Netgear GS752TPS>servers, computers and printer. can this be done any better way with current equipment? thanks
Hello again - I'm glad I could give you somewhat of an idea about VLAN's!
I'm curious to know if you are assigning static IP's to the wireless devices, whitelisting through MAC, or if you have a DHCP server?
Since VLAN means Virtual Local Area Network, technically, you would be setting the Access Point (depending on type of access point, multiple SSID's can be used under different VLANs/Subnets/IP Schemes) as the VLAN and the devices that are connected to said Access Point (or SSID), would be set to that VLAN.
Conveluted enough for ya? Lets break it down --
ISP--> Firewall ---> Network Switch(es) ---> Access Point 1 & Access Point 2
Lets assume each Access Point (AP) has only 1 SSID named N1 and N2, respectivly.
N1 -- You want Group A to see Printer A and Server A
N2 -- You want Group B to see Printer B and Server B
Whoever is connected directly to the Network Switch, you want them to be able to send and receive data from everything to the AP's, so nothing gets lost.
AP1 and AP2 are plugged into Ports 4 & 5
Your Trunk port from your Firewall (all data that is allowed through the firewall can be considered a Trunk port, since Trunks typically allow data from mulitple VLAN's through) is plugged into port 10 on your Network Switch.
Port 4 (AP1) you would set as whatever VLAN, lets use 11, and name it whatever, lets say N1
Port 5 (AP2) you would set as a different VLAN, lets use 22, and name something else, lets say N2
You would "Untag" port 4 for VLAN 11 - Tag port 10
You would "Untag" port 5 for VLAN 22 - Tag port 10
If you want your Trunk (port 10) to be able to relay all information to multiple AP's and multiple Network Switches, you would Tag port 10 for every single VLAN so it allows all the data through and seperates it out to whatever device is allowed to receive said data.
You will, of course, need to make sure the IP Schemes and Subnets match on the devices. However, your Network Switch can be on a whole different Subnet (I set my switches to 255.255.255.0 and all of my devices to 255.255.224.0).
Again, I'm not super familiar with NetGear, as they're not DoD Whitelisted so we can't use them for work, but be sure to set a specific port to the management VLAN, or else you'll need a console cable everytime you want to connect to the admin portion of it!
I know this is a HUGE wall of text, but I'll do my best to answer what I can if you have any questions!
Thank you so much for such a great explanation! really appriciate your input. let me read it carefully few times and see if I get it right and I'll get back to you with questions. thanks again!