Internet Lost when activating VLAN/Bridge - By VLAN Tag Group
Hi,
I have a WIFI6 Nightwak RAX120 Router. I want to create some VLANS on my private network and activated the VLAN/Brige option. I created an extra VLAN 30 under "By VLAN Tag Group" and pushed APPLY.
As soon as I did this, the Router unfortunately drops the INTERNET connection to my Provide which is setup via my ISP account via PPPoE. (My RAX120 is connected to my ISP Modem).
I have the very latest Firmware installed on my RAX120.
I have a WIFI6 Nightwak RAX120 Router. I want to create some VLANS on my private network and activated the VLAN/Brige option. I created an extra VLAN 30 under "By VLAN Tag Group" and pushed APPLY.
Wim,
These are two completely different features. the VLAN/Bridge on the WAN port allows to bridge a VLAN on the WAN/Internet interface eg. to a defined switch port and/or to wireless radio. This is to bring a dedicated ISP side VLAN operating IPTV (typically) to a defined port, where a dedicated network (this could be a port based VLAN on the lAN side of course) to operate IPTV media players on the ISP IPTV network.
On the LAN side, there is no support for VLANs on these consumer switches at all.
Re: Internet Lost when activating VLAN/Bridge - By VLAN Tag Group
Hi Schumaku,
Thanks for your time to answer me back on this!
I must admit I'm a bit a rookie, but here's what I have as setup and what I try to establish:
1. I have an ISP cable mode
2. behind that I've ma Netgear RAX120 where I use PPPoE to connect to my IP internet
3. One of the LAN PORTS is connected to a smart-managed switch (port 1). And one other RAX120 LAN port I do connect to the same switcfh on port 13
4. On this switch I have on 2 POE ports a Netwgear WAS610 AP
5. On this same switch I also want to attach my ISP IPTV Decoders
6. On the Switch I created VLAN10 (for internet) and VLAN30 (for IPTV).
7. I also would like on my WAX610 WAPs create SSIS's in seperate VLANs: SSID1 for INTERNET (so VLAN10), SSIDGUEST for Guests (on VLAN15) and SSID2 for IoT devices (on VLAN 20).
8. My two challenges are the following:
- I believe I should create on my RAX120 2 VLANs named 10 (INTERNET) and 30 (IPTV), right? Bit as soon as I activate this on the RAX120 , my internet connection drops.... 😞
- I then need to create the VLANs 10 and 30 also on my managed switch.
- On the switch I use port 1 as the link to my RAX120, so I configre this SWITCH port as a TAGGED port on VLAN10. The orts from 2 to 12 I do configure as Untagged ports on VLAN10.
- For IPTV I configure port 12 (connected to my RAX120) as TAGGED port on VLAN30 and port 13 to 16 as untagged on VLAN30. Ports 13, 14,15 and 16 are for my 4 decoders.
But as soon as I activate all this, nothing seems to work anymore and main issue is clearly the LOST internet connection on my ROUTER.
I you would have any advice on I would be able to make my hime setup work, that would be very much appreciated!
Re: Internet Lost when activating VLAN/Bridge - By VLAN Tag Group
Dear Wim,
Basic wiring concept looks very good to me, leaving the VLANs alone*. But then, I would like to bring up some questions - because I think that's to much to start and to learn.
*Two things hit my eye:
Two links between the RAX120 (port 3 & 4) and the switch ... what is the intention here? Aggregation (if properly configured on the router and the switch) would be on Port 1 & 2
Never understand why people are making thier own life that hard and create a different VLAN (10 here) for the primary network, just because some decades ago a big blue switch vendor had a problem with a switch and the "default" VLAN...?
A little bit short on time this Sunday morning (four dogs waiting for a hike and the sun is calling outside), so for the moment very brief on the RAX120 (or any Netgear consumer router).
These routers are not VLAN capable at all.
The VLAN bridge config is really ONLY to configure the ISPs VLAN (for Internet and for IPTV typically).
The Internet part of this VLAN/bridge config does go to the router/NAT, the IPTV VLAN can be bridged to a designated LAN port (untagged), and little bit intrusive on a complete wireless radio (untagged, no multi-SSID).
the VLAN IDs are strictly for the WAN/Internet port only - there is no association to your in-house network VLAN IDs.
Carefully revviw the finr documentation FMI. This is everything you can configure. This does create one port you can link to the switch on a port in the IPTV VLAN (untagged), and all others where one (or two of aggregated in case you have Internet bandwidth >> 1GB) port or LAG (untagged) in the "Internet" or normal working VLAN.
I hope that's enough work for trial and error for the next few hours - then you should enjoy the Sunday with the family, too.
For your further intentions, the RAX120 (or any other Netgear consumer router) isn't the right product. I would look into the SOHO/SMB market for a small router supporting multiple LANs (like eg. the BR200), and add another wireless AP.
Re: Internet Lost when activating VLAN/Bridge - By VLAN Tag Group
Hi kurt,
Thanks for your time spent on a Sunday! I hope you spent enough time to your four dog! They diserve it! 🙂
Quick reply and some extra clarifications from my side:
1. Splitting IPTV from network is EXACTLY what I want to do as well.
2. But the issue I haveis that as soon as I create VLAN Tagged Group with name IPTV (VLAN30), next to the default VLAN10 (Internet), my internet connection drops on my RAX120.
3. I create the VLAN30 on Port 3 and then I go from this port 3 to a VLAN30 tagged port onnmy managed swith, where I also configure 4 VLAN30 untagged ports where my decoders are connected.
4. The reson why I do not use 1 and 2 is becasue I indeed have those already in aggregtion towards my QNAP NAS where I have two NICs also in aggregation. Works fine by the way.
So far on the RAX120 - Switch VLAN questions.
The second challenge is then the sepertion of my wireless SSID's:
1. I just today also installed a second WAX610 in my network. On my two WAPs I created three SSID's. Each with another VLAN ID. One for my normlinternat, onefor guest internet and one for IoT devices.
2. I want those different SSID seperated so that devices connected to one SSID can NOT communicate with the other SSD's.
3. But unfortunately this also doesn't work.
YEsterday I resetted my whole switch again and tried VLAN by PORT instead of 802.1Q VLAN
I aslo disabled the VLAN/Bridge on RAX120 and I just assigned ports for INTERNET (VLAN ID 1) and PORTS for IPTIV (VLAN 30).
Not sure if this is the best way forward...
Anyway, with this setting my SSID seperation is also NOT working....
I'm getting desperate. I belie for gutu like you this is a children game, but I simply can't get it to work.
My setup is hoeve rnot tht much rocket science IT think:
1. Cable Modem (ADSL)
2. RAX120 Router
3. 16-port Managed swith (TP Link) with IGMP Snooping enabled
4. 2 WAX610 (connected to to POE ports of the sitch)
2. But the issue I haveis that as soon as I create VLAN Tagged Group with name IPTV (VLAN30), next to the default VLAN10 (Internet), my internet connection drops on my RAX120.
Are these the two VLAN required by your ISP for Internet and for IPTV?
Assume you had Internet before, there is nothing you need to change on the config for the Internet (probably pure IP does not come in tagged at all). as mentioned befre, at the risk or repeating: This is an ISP thing which is completely unrelated to the VLAN you intend to run on your LAN. There is no need to change anything on the Internet entry there at all. Only the IPTV part (as per the ISP IPTV VLAN) must be configured.
Is this confirmed that the IPTV VLAN does go through on the pass-throug/bridge setting of the ISP box?
3. I create the VLAN30 on Port 3 and then I go from this port 3 to a VLAN30 tagged port onnmy managed swith, where I also configure 4 VLAN30 untagged ports where my decoders are connected.
Not at all.
You need to configure the ISP IPTV VLAN to be bridged to a single port on the Netgear switch. This VLAN will come to this port untagged. A cable connection from this port to another untagged port on this VLAN 30 on the switch (similar config like the media players), VLAN 30, [U]ntagged, PVID 30.
4. The reson why I do not use 1 and 2 is becasue I indeed have those already in aggregtion towards my QNAP NAS where I have two NICs also in aggregation. Works fine by the way.
Of course ... I'm still monitoring the QNAP forum for specific network issues and answering sometimes. 8-)
The second challenge is then the sepertion of my wireless SSID's:
1. I just today also installed a second WAX610 in my network. On my two WAPs I created three SSID's. Each with another VLAN ID. One for my normlinternat, onefor guest internet and one for IoT devices.
2. I want those different SSID seperated so that devices connected to one SSID can NOT communicate with the other SSD's.
3. But unfortunately this also doesn't work.
Of course - there is no router able to handle these additional network, no IPv4 network, no DHCP server, no many-to-one NAT routing to the public IP address. That's why I said these routers are not fit for this purpose.
YEsterday I resetted my whole switch again and tried VLAN by PORT instead of 802.1Q VLAN
Why oh why? If you intend to run multiple VLANs over the same network port, you need to operate 802.1q. and please for your comfort stick with the default VLAN 1 for our network...
I aslo disabled the VLAN/Bridge on RAX120 and I just assigned ports for INTERNET (VLAN ID 1) and PORTS for IPTIV (VLAN 30).
Not sure if this is the best way forward...
Configure the router VLAN grups accordingly - in my example the ISP side Internet runs on VLAN 10, the IPTV network does run on VLAN 99. One does have to configure only the Internet VLAN ID (if applicable) otherwise leave it on 0, and add one entry for IPTV with the VLAN ID where the IPTV is in place, and put it to a spare port on your router. Once done, direct connect or patch one media player/STB to this port. this must run first.
My setup is hoeve rnot tht much rocket science IT think:
1. Cable Modem (ADSL)
2. RAX120 Router
3. 16-port Managed swith (TP Link) with IGMP Snooping enabled
4. 2 WAX610 (connected to to POE ports of the sitch)
In my opinion, the RAX120 does not add any added value (except of WiFi 6). it can't handle the additional networks for guest and IOT stuff.
Where I have to mention that such an isolated IoT network is ONLY for IoT which is purely Internet/cloud drive. Anything where eg. a local controller is on the network and where an app on the mobile is used for controlling eg. the lights - this is utterly useless, as you certainly don't want to change the wireless network on your mobile before e.g dimming the lights...
And then again, the idea of splitting IPTV and your normal LAN/Internet - you will loose capabilities for play-to by Google Cast or Apple Airplay.
in my opinion, you will loose capabilities over running your ISP provided router where I assume the Internet access LAN and the IPTV traffic are merged on one network, one IP subnet.
Re: Internet Lost when activating VLAN/Bridge - By VLAN Tag Group
Thanks!
So yes ... mmmmm... I believe I will need some thinking time now.
You clearly made some point now which will force me to rethink my strategy. E;G. the sense of wanting to separate the IoT SSID fro lthe other SSIDs (I have indeed an app on my android phone to control the airco units I have in the house ... )
But, on the other side, I also don't wat to spent further money in replacing e.g. the RAX120 to buy a router that has VLAN capability on the LAN side. (Ubiquiti Dream Machine PRO e.g.). I would believe (hope!) that the components I have in house, should enable me to make sure I've performant, secure LAN and WIFI network where IPTV doceders are also working when I plug them into my switch (plugging decoders directly in the Router of ISP Modem/Route is unfortunately NOT an option seen the loccation they are).
The screenshot you sent is excatly what I did on the RAX125. Only difference is that the VLAN for IPTV is 30 for the ISP I have. BUT... as I said... when I click APPLY on this screen, my RAX120 drop the INTERNET PPPoE connection with the ISP modem/router. Not sure if this is something to do with the ISP, or is this a Netgear RAX120 bug, or ....
In two weeks from now my ISP will come install Fibre at home, so I hope to speak then to a technical expert of the ISP... I'll check with them to see if they can advise....
