This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I currently have two VLans that are both set with the same IP addresses (all 192.168.0.x) I have no duplicate IP addresses within this as on Vlan A the DHCP is set to give IP's 192.168.0.2-50 and on Vlan B they are 192.168.0.51-100. This works in so far as VLAN A cannot see VLAN B. However I now have a requirement whereby there is a subset of clients on VLAN A (192.168.0.5-10) that VLAN B need to see. I have been informed my VLANS are setup wrong and they should both be on different IP ranges. Is this the case? if so I can reconfigure the IP's on VLAN B, but how do I then create a VLAN whereby only certain devices from A can be seen by B?
Enable VLAN Routing (p.152) , keep the CCTV system on one untagged VLAN port, and then think about either properly limiting the access to the CCTV system, or set-up some ACLs or better IP rules (p.215/216) (that would be a longer story then).
Basics of IPv4 and IPv6 routing. A router must have unique, non-overlapping IPv4 (also IPv6) subnets on the routing interfaces. You seem to have (exact information missing) 192.168.0.0/24 or so on both networks. A router can't do any routing like that.
In some large scale business migration plans, one might introduce some massive IP NAT in this case. The "other" network with 192.168.0.0/24 would appear as a different subnet, e.g. 192.168.1.0/24. But that's ways beyond of a simple L2+ switch capabilities.
In smaller network environments, there is no other choice than renumbering one of the IP networks. Even then: Not all "nice" services like device discovery (Bonjour, UPnP SSDP) will be transparent between the networks.
I have given one of the VLANS a different IP range, I attempted to set this up by tagging the port so it's visible on both Vlans it did not seem to work, I was told by Netgear the device that is plugged into the port (which is our CCTV system) needs to supporting tagging. Surely that's not right is it, I thought to the device it would be seamless?
Enable VLAN Routing (p.152) , keep the CCTV system on one untagged VLAN port, and then think about either properly limiting the access to the CCTV system, or set-up some ACLs or better IP rules (p.215/216) (that would be a longer story then).
