GS308EPP access over the OpenVpn remote connection
Hi,
I have problem accessing the switch over the OpenVPN.
The switch is set to fix IP:
10.0.80.1x
Number 80 represents my VLAN 80 which is my manegement VLAN
I do understand that the switch doesent have dedicated management VLAN, that's why the port is configured to use untaged frames ... and this should work as I used many similar devices (without dedicated managment VLAN in this way)...
Buit wahtever I try.. whatever I do.. I can't access my SWITCH from the remote location over the OpenVPN...
I can only access it if I connect directly to it...
Can someone explain how can I set up the switch in order to be able to accessit also over the VPN... which is always my first choice...
Re: GS308EPP access over the OpenVpn remote connection
One of the known but undocumented design limitations. The Plus switch microcontroller IP stack can't and won't handle non-standard (slightly smaller) frame sizes frames as in use when coming on over OpenVPN. Said that: There is no PMTUD possible.
Re: GS308EPP access over the OpenVpn remote connection
Hi,
Thank You for the fast response... and the suggestion...
1) My situation is next:
a) If I set the static IP which is NOT in a group of my VLAN's and NOT in my management VLAN...
for example 10.0.1.11x then I don't have any problems connecting to the device over the VPN or any other remote connection.
b) As soon as I change the static IP adress to be one of my VLAN's members (VLAN 80 is my management VLAN)
for example 10.0.80.11x ... then there is no way of me to reach out and connect to the SWITCH no matter how do I set the port tagging (hybrid, trunk, tagged, untagged, native 1,80,...).. Just not possible to connect with the device...
2) My question is basically ..Can/Could I set the option to have my NETGEAR switch inside the dedicated management
VLAN --> VLAN 80 (untagged frames ofcourse..) or there is a limitation for this on the SWITCH itself... Since it looks as the only NATIVE VLAN 1 is allowed...?
Hope if someone can explain me if and how can I gain access to my switch if I set it's static IP in one of the VLAN's which differ from VLAN 1 (NATIVE)
Hope if someone can explain me if and how can I gain access to my switch if I set it's static IP in one of the VLAN's which differ from VLAN 1 (NATIVE)
The VLAN your are using for bringing the VLAN to near to the switch can't have any relevance. The point is the uC can understand untagged frames as for the IP stack where the Web UI is accessible. Any VLAN can be used - there is nothing left from the VLAN ID used the moment the frames are untagged. Note: There is no native VLAN 1 known in any way by this unmanaged switch.
Re: GS308EPP access over the OpenVpn remote connection
Thanks for fast reply... Maybe my explanation/question is a bit complicated...due to the fact I'm not an IT expert and just being "home network entusiast"... I aplogise if I ask "stupid" questions..
Anyway.. My idea was to manage the switch over my existing management VLAN 80 (I use this VLAN "80" to acces all of my devices when doing management --> routers, managed switches, AP's, cameras,....)
For that purpose I set static IP in the range of VLAN 80 (10.0.80.11x)but not able to access the SWITCH from the "outside".. regardless what I try...
If on the other hand I set the static IP address of the switch as non VLAN range e.g. 10.0.1.11x which is not a member of any VLAN... I can easily access the switch for the management (OpenVPN, ....)
So my main question is... If this is expected/logical switch behaviour due to the fact it doesn't have option to set up "management VLAN"... or I should still be able to access the switch remotely even if I define the static IP address in the range of my management VLAN... as explained above ?
My idea was to manage the switch over my existing management VLAN 80 (I use this VLAN "80" to acces all of my devices when doing management --> routers, managed switches, AP's, cameras,....)
If on the other hand I set the static IP address of the switch as non VLAN range e.g. 10.0.1.11x which is not a member of any VLAN... I can easily access the switch for the management (OpenVPN, ....)
Look, these switch config uC does not care about any VLANs. Figure out what makes the difference on the two configs please.
