Orbi WiFi 7 RBE973
Reply

Can't access admin after enabling VLAN

NEDi2021
Aspirant

Can't access admin after enabling VLAN

Hello everyone

This is the first time ever I used VLAN and so far I did achieved what I needed by enabling, but I lost access on admin account. 

after entering correct ip address in my browser it won't open admin login page anymore, same with mobile app it can't find router anymore, but I can access internet and local printer with no problem while I'm connected trough R8500 WIFI. so this is my network setup: Internet Modem>Dell TZ600> R8500. TZ600 confirms that R8500 is connected on Static IP and when I enter that IP on browser to login to admin panel it won't load anything. local IP of R8500 is different than TZ600 and it's static. 

any ideas what's going on? am I doing or did something wrong? any help will be appreciated. thanks

Model: R8500|Nighthawk X8 Tri-Band AC5300 WiFi Router
Message 1 of 6
NEDi2021
Aspirant

Re: Can't access admin after enabling VLAN

ok so I was able to access admin trough Ethernet cable connected directly to router, but not through WiFi VLAN. anyways it's strange why I can't get connected to admin when connected rough wifi.

Model: R8500|Nighthawk X8 Tri-Band AC5300 WiFi Router
Message 2 of 6

Re: Can't access admin after enabling VLAN

NEDi --

 

I'm not 100% familiar with NetGear, but as far as networking goes, you need to set a specific VLAN (default is generally VLAN ID 1) as your "Admin" VLAN, then you need to either Tag or Untag a port for that specific VLAN.

 

You can also Trunk a port to include all VLAN's by Tagging all VLAN's for that specific port.

 

I know a lot of this is confusing, and I'm probably not helping that fact, but I hope some of this helps!

 

Is there any specific reason why you are wanting to VLAN off a 4 port router? We use VLAN's on switches for our clients when we're wanting to route specific data to certain ports, but block that information from other ports, yet have all of that information touch Trunk port(s). Basically creating a second, third, fourth, etc etc etc switch virtually (get it?! Virtually - VLAN ha!)

Message 3 of 6
NEDi2021
Aspirant

Re: Can't access admin after enabling VLAN

thanks for your reply it kinda gave me an idea what I did wrong. 

so the idea is to have WiFi on VLAN is to give users access only to internet and local network printer and not to be able to see rest of the network conected computers and servers, which I have them also connected to TZ600 trough smart managed Netgear Switch. so this is how it looks like: Fiber Modem>TZ600>R8500 (WiFi)/Netgear GS752TPS>servers, computers and printer. can this be done any better way with current equipment? thanks

Model: R8500|Nighthawk X8 Tri-Band AC5300 WiFi Router
Message 4 of 6

Re: Can't access admin after enabling VLAN

Hello again - I'm glad I could give you somewhat of an idea about VLAN's!

 

I'm curious to know if you are assigning static IP's to the wireless devices, whitelisting through MAC, or if you have a DHCP server?

 

Since VLAN means Virtual Local Area Network, technically, you would be setting the Access Point (depending on type of access point, multiple SSID's can be used under different VLANs/Subnets/IP Schemes) as the VLAN and the devices that are connected to said Access Point (or SSID), would be set to that VLAN. 

 

Conveluted enough for ya? Lets break it down --

 

ISP--> Firewall ---> Network Switch(es) ---> Access Point 1 & Access Point 2

 

Lets assume each Access Point (AP) has only 1 SSID named N1 and N2, respectivly.

 

N1 -- You want Group A to see Printer A and Server A

N2 -- You want Group B to see Printer B and Server B

 

Whoever is connected directly to the Network Switch, you want them to be able to send and receive data from everything to the AP's, so nothing gets lost.

 

AP1 and AP2 are plugged into Ports 4 & 5

 

Your Trunk port from your Firewall (all data that is allowed through the firewall can be considered a Trunk port, since Trunks typically allow data from mulitple VLAN's through) is plugged into port 10 on your Network Switch.

 

Port 4 (AP1) you would set as whatever VLAN, lets use 11, and name it whatever, lets say N1

Port 5 (AP2) you would set as a different VLAN, lets use 22, and name something else, lets say N2

 

You would "Untag" port 4 for VLAN 11 - Tag port 10

You would "Untag" port 5 for VLAN 22 - Tag port 10

 

If you want your Trunk (port 10) to be able to relay all information to multiple AP's and multiple Network Switches, you would Tag port 10 for every single VLAN so it allows all the data through and seperates it out to whatever device is allowed to receive said data.

 

You will, of course, need to make sure the IP Schemes and Subnets match on the devices. However, your Network Switch can be on a whole different Subnet (I set my switches to 255.255.255.0 and all of my devices to 255.255.224.0).

 

Again, I'm not super familiar with NetGear, as they're not DoD Whitelisted so we can't use them for work, but be sure to set a specific port to the management VLAN, or else you'll need a console cable everytime you want to connect to the admin portion of it!

 

 

I know this is a HUGE wall of text, but I'll do my best to answer what I can if you have any questions!

 

Message 5 of 6
NEDi2021
Aspirant

Re: Can't access admin after enabling VLAN

Thank you so much for such a great explanation! really appriciate your input. let me read it carefully few times and see if I get it right and I'll get back to you with questions. thanks again!

Model: R8500|Nighthawk X8 Tri-Band AC5300 WiFi Router
Message 6 of 6
Top Contributors
Discussion stats
  • 5 replies
  • 2138 views
  • 2 kudos
  • 2 in conversation
Announcements

Orbi WiFi 7