This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
Recently started playing with vlans on my switch and figured out how to set up vlans and getting internet access on them.
My next step in learning about vlans is to not allow communcation between them.
Right now I have 2 vlans (The default vlan and vlan10 that I made) and in the default vlan I can access my servers and other computers on that vlan (which is what I want). On vlan10 you cannot access servers by directly connecting to them with their name however, if I type in the IP address of the server or computer I am able to communicate with the device. Is there a way to stop this?
It seems that you were trying to separate your devices without any communication to each other. May I know if the VLANs that you created are working on the same subnet? May you be able to provide us some screenshots of your configuration so that we can further check?
As per checking the screenshot, you have enabled VLAN routing, you don't need to enable it unless you wanted the VLANs to communicate with each other. Also, do you have a VLAN capable router? It seems that the other ports were assigned as T or Tagged. If you have a VLAN capable router, then the IP address of VLAN 10 should be different. You just need to create a DHCP server for your VLAN 10.
If you want to assign a port to be a member of VLAN 10, the PVID should also be included. If the device is a VLAN aware(like VoIP, L2 Switches, Routers, etc.), you just need to put a T or Tagged on the specific port and leave the PVID to default. But if the device is just a non-VLAN aware(like PC, Scanners, Printers, Hub, etc.), then you just need to assign the port to U or Untagged and assign the PVID to its corresponding VLAN.
I've disabled vlan routing (I thought I needed it for the vlan to work... oops!) however, I can still access my servers via IP (servers on vlan1 and computer on vlan10).
I do have a vlan capable router and the IP address of vlan10 is different (10.0.10.1 instead of 10.0.0.1) and I have also created a DHCP server for vlan10.
I have also set up my PVID settings like you have mentioned.
Any other ideas or maybe am I misunderstanding what you are saying?
It should work with the setup that I've given 🙂 Unless, you do have Inter-VLAN routing enabled on your router. You can test the setup that I've given by removing the router on your network and assign a static IP on both PC with different default gateway and check if it will ping.
