- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
VLAN cross access
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VLAN cross access
We would like to set up a work station which can be accessed from the internet but will not be able to access any other system on the network. The plan is to use a VLAN to do this. The network uses a PFsense router and a GS308E switch. The question is there a clean way to allow the other systems on this network to access this system while it can not access them?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: VLAN cross access
This is more a question on how to create another network (VLAN, IP subnet) for the isolated system in question on your security appliance, with port forwarding to make the ports required for the unknown service to become available just on that PC and dedicated IP subnet; then configure a trunk port to connect the main VLAN (untagged) and the additional VLAN (tagged), plus an access port only for the additional network (and nothing else). Assuming there is no dedicated port available on the security appliance where only that network and VLAN can be configured on it's own.
No rocket science, basic networking and PFsense knowhow required. Once you figured out on how you implement this additional network on your PFsense security appliance, we're happy to help with the GS308E for e.g. a trunk config carrying the main untagged plus the additional VLAN (tagged), plus an pure access for just for the additional VLAN. Keep in mind we're Netgear community here, and most don't know much (or anything) related to PFsense.