Reply

Re: WAC510 as router connected to GS308E VLANs

AndrewD_
Aspirant

WAC510 as router connected to GS308E VLANs

Hi, I have a BT smart hub connected to the WAN port of a WAC510 set up in router mode with multiple SSIDs each with their own VLAN eg SSID1, VLAN1. Each SSID is set up with DHCP servers and all is working as expected on the WIFI side of things.
I also have a GS308E with the same multiple VLANs. I have the WAC510 connected to port 7, but I can’t get the VALNs to work between the two devices.
As soon as I make port 7”T” On the GS308E it stops working. Can the LAN port on the WAC510 not handle VLANs? If so how do I set this up.
In short I just want to expand the WAC510 physical ports to 7 with VLANs support.
Message 1 of 7
schumaku
Guru

Re: WAC510 as router connected to GS308E VLANs

You need to configure all VLAN required on the switch, too.

For the switch port connecting to the router LAN port configured as trunk, typical set-up is using untagged for the primary LAN/VLAN, all other VLAN are operated as tagged.

If you want to configure a switch port to be associated to a different VLAN, the existing config.untagged for VLAN must be removed, the port must be set untagged for the VLAN "X", and the PVID defining the VLAN ID untagged frames on this port are associated must be sent to must be set to PVID "X", too.
Message 2 of 7
AndrewD_
Aspirant

Re: WAC510 as router connected to GS308E VLANs

Thank you for helping me. 

 

I think i have everything set up as you described but from searching for information on your message it looks like the GS308E doesn't support trunking (LAG settings) ... For a amaged switch i would of exspected it to. 

 

Does this look correct to you and could you advise what switch you would use?

 

I guess my other option is to buy a full router and just use the WAC510 as a AP with the said SSID/VLAN config and allow the router to do the DHCP server work, plus all of the other options. Again which one would you suggest for a small business set up? 

 

Many Thanks

 

Andy

 

Message 3 of 7
schumaku
Guru

Re: WAC510 as router connected to GS308E VLANs

Andy,

 

The suggestion is about a VLAN trunk (on single link), not port aggregation/LAG.combining multiple ports - a feature not available on the WAC510 LAN ports and some of the small switches like the GS308E probably, too.

 

I must admit I was wrong on the WAC510 VLAN and IP subnet capabilities. In router mode only one SSID and one VLAN is possible (by default VLAN 1). Changing the WAC520 -router- LAN and management VLAN ID is in my opinion just cosmetic. Had a WAC510 in router mode during the early Beta times only, today we're operating WAC5xx and WAX6xx in AP mode. Would love to promote the Netgear BR200 (BR500 stripped from the cloud VPN feature), but had to learn the hard way that it's down to low level security update fix mode only, known issues and restrictions don't appear to change anymore, an no more new manufacturing lots for now.

 

The VLAN limitation you are facing isn't caused by the very basic configurable GS308E switch, it's a WAC510 router mode limitation in my understanding.

 

Regards

-Kurt

 

Message 4 of 7
AndrewD_
Aspirant

Re: WAC510 as router connected to GS308E VLANs

Great, thanks for the extra info.
I did a quick google about the BR200 security and didn’t find much, do you know of this is still an issue?
What would you recommend instead? I’m looking for around 4 vlans or more and I already have a GS308E and WAC510 AP so I could go wireless or just wired for the router. Again I could go ADSL or just a router. Currently got a BT smart hub 2 so this will need to go.

Thanks

Andy
Message 5 of 7
DougHog
Aspirant

Re: WAC510 as router connected to GS308E VLANs

FYI: I have a BR200 router which allowed me to try WAC5xx in AP mode and VLAN with GC110 as my switch which allowed setting trunk mode on the AP port and the router port.  I wanted to say that the BR200 did not have much flexibility in passing out DNS address with DHCP, it would only give its own address (acting as DNS relay or proxy or whatever appropriate name is).  Although I could live with that concept, I seemed to find that it added around 72ms to DNS transactions - perhaps that is the type of non-security "bug" which isn't being addressed.  I found that out after my dealer return period, but it bugged me enough to abandon BR200 and I've been happy with a non-Netgear router that I purchased instead.  That other router would let me give out alternative DNS address in DHCP if I wanted, but I go ahead and let it default to its own address (for the relay or proxy or whatever you call it) but there is no longer extra 72ms delay.

 

Note: I did not personally confirm the statements about WAC510 in router mode only allowing one specified VLAN.  I thought the UI allowed setting multiple SSIDs each with separate VLAN, so like you said I would expect the LAN port be sending out packets with tagged VLANs, and then you'd hook that to a switch which has trunk mode set for the WAC510 port.  I get confused with some other details mentioned such as PVID, lots of times there is teminology which relates to the style of VLAN which is based on which physical switch port you are connected to (and adding a tag).  I think on a MX510TX switch which didn't list "trunk" mode I added the VLAN numbers in the switch and then somewhere in the port setup I listed those as VLANs which were allowed through the port.  No adding tags - just being sure that I had those multiple VLANs specified as allowed through (otherwise the packets disappear inside the switch).

Message 6 of 7
schumaku
Guru

Re: WAC510 as router connected to GS308E VLANs


@DougHog wrote:

I did not personally confirm the statements about WAC510 in router mode only allowing one specified VLAN.  I thought the UI allowed setting multiple SSIDs each with separate VLAN, so like you said I would expect the LAN port be sending out packets with tagged VLANs, and then you'd hook that to a switch which has trunk mode set for the WAC510 port.


In access Point mode yes, of course - in plain router mode no. This made me publish wrong information.

 


@DougHog wrote:

I get confused with some other details mentioned such as PVID, lots of times there is teminology which relates to the style of VLAN which is based on which physical switch port you are connected to (and adding a tag).


Again, unlucky information - the BRx00 does only allow one VLAN on a port as untagged, so no PVID config indeed.

 

BRx00 VLAN port untagged.PNG

 

 

Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 290 views
  • 2 kudos
  • 3 in conversation
Announcements