× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Re: Vlan config

USER67885
Aspirant

Vlan config

Using a netgear GS724TPP to try and understand networking a little better. 
boot version
1.0.0.12
Software vession

2.0.8.5

 

So I was able to hook this managed switch up to my Palo Alto firewall and out to the internet without an issue. However, when I try to configure a VLAN I am getting a bit lost. 

The first photo is showing the static IP assigned to the Switch and the default gateway. I am attempting to set up VLAN 10.  Port 9 will be the only member of VLAN 10. The firewall is connected through port 1 on the default VLAN. For VLAN 10 I set port 1 as the Trunk port so that the firewalls will get the VLAN tag and DHCP server will assign an IP address based on the VLAN. For the PVID I set port 9 to VLAN tag 10. Could any tell me what I may be missing? Screenshot 2023-05-25 at 6.59.13 PM.png Screenshot 2023-05-25 at 6.52.04 PM.png Screenshot 2023-05-25 at 6.49.23 PM.pngScreenshot 2023-05-25 at 6.48.19 PM.png

 

Screenshot 2023-05-25 at 6.47.19 PM.png

Message 1 of 3

Accepted Solutions
schumaku
Guru

Re: Vlan config

The port config for g1 with two VLANs untagged (1, 10) can't work.

 

For some experimentation and learning VLANs on your PA firewall, I would suggest to create  set of ports as trunks, with multiple VLANs and all tagged.

 

Then add some test ports in access mode for each VLAN you want to experiment and test with. Such a test access port for VLAN X must be configured as untagged for port X, the PVID must be set to X so untagged frames re assigned to the correct.

View solution in original post

Message 2 of 3

All Replies
schumaku
Guru

Re: Vlan config

The port config for g1 with two VLANs untagged (1, 10) can't work.

 

For some experimentation and learning VLANs on your PA firewall, I would suggest to create  set of ports as trunks, with multiple VLANs and all tagged.

 

Then add some test ports in access mode for each VLAN you want to experiment and test with. Such a test access port for VLAN X must be configured as untagged for port X, the PVID must be set to X so untagged frames re assigned to the correct.

Message 2 of 3
USER67885
Aspirant

Re: Vlan config

Thank you! 

I think my confusion is with trunk ports and how to flag them. I can get everything going through the default VLAN but I do not understand how to properly define the trunk port on a switch. Whenever I tag a port I lose connection. Do you have a good recommendation for how I can learn about this? I thought I just needed to mark the port as T and then all of my VLANs information would be passed along to the firewall, but I end up breaking my network whenever I mark port 1 as a trunk. 

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 1645 views
  • 1 kudo
  • 2 in conversation
Announcements