× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Re: VLAN not propagating to specific port on GS108T

DominikHoffmann
Aspirant

VLAN not propagating to specific port on GS108T

I have a Netgate 1100 internet gateway. One of its ports is connected with a GS108PEv3, which powers three EnGenius WiFi access points and has a downstream GS108T connected to it. I cannot get connectivity on the configured port of the GS108T with a particular VLAN in use on the rest of my network. What am I missing?

 

Let me present the details. The OPT port on the Netgate 1100, to which the GS108PEv3 is connected, is tagged with VLAN IDs 5 and 6. The GS108PEv3’s Port 8, which connects to the Netgate 1100, as well as Ports 2–5 are tagged with VLAN IDs 5 and 6:

Screenshot 2023-02-17 at 7.25.04 PM.png

 Ports 2–4 connect to the access points, and Port 5 connects to the GS108T’s Port 2. The GS108T is configured like this:

Screenshot 2023-02-17 at 7.23.21 PM.png

Is it correct to configure Port 6, where I want to plug in my laptop as “U?” I take it to mean that the “U” strips VLAN tag with the ID 5, which my laptop would not be able to be configured to do on its own.

 

Just so the untagged regular network does not leak through to port 6, I have configured VLAN ID 1 like this:

Screenshot 2023-02-17 at 7.36.29 PM.png

 The other configuration pages on the VLAN tab are set up like this

Screenshot 2023-02-17 at 7.37.06 PM.png

 Screenshot 2023-02-17 at 7.37.33 PM.png

 

Is there anything wrong with these?

 

Message 1 of 10

Accepted Solutions
schumaku
Guru

Re: VLAN not propagating to specific port on GS108T

@DominikHoffmann please allow two comments and questions.

 

You talked of VLAN ID 5 and VLAN ID 6. For an access port, making one port untagged, it's not sufficient to assign it to the VLAN ID intended, you need to set the port PVID to assign untagged frames to the VLAN intended.

 

Completely confusing to the reader here is that you talked of configuring a VLAN 1. Can't see where or how that VLAN ID 1 is supposed to be used. What do you intend to achieve with this VLAN 1 config? 

 

update: Re-reading shows the intention for VLAN 1 is having some ports assigned as untagged access ports for the VLAN 1. Is this VLAN 1 used as another network, like a generic network as available on an ISP router LAN port?

View solution in original post

Message 2 of 10

All Replies
schumaku
Guru

Re: VLAN not propagating to specific port on GS108T

@DominikHoffmann please allow two comments and questions.

 

You talked of VLAN ID 5 and VLAN ID 6. For an access port, making one port untagged, it's not sufficient to assign it to the VLAN ID intended, you need to set the port PVID to assign untagged frames to the VLAN intended.

 

Completely confusing to the reader here is that you talked of configuring a VLAN 1. Can't see where or how that VLAN ID 1 is supposed to be used. What do you intend to achieve with this VLAN 1 config? 

 

update: Re-reading shows the intention for VLAN 1 is having some ports assigned as untagged access ports for the VLAN 1. Is this VLAN 1 used as another network, like a generic network as available on an ISP router LAN port?

Message 2 of 10
DominikHoffmann
Aspirant

Re: VLAN not propagating to specific port on GS108T

@schumaku: Thanks very much for responding. I have to admit, I am pretty new to VLANs. They fill me with fear and trepidation. Maybe, I have never come across a good explanation of the mechanics of tagging in switches.

 

Part of the problem is that the GS108Tv2, which is old, seems to do it differently from the GS108PEv3, where I have gotten it to work well. Maybe part of the problem is that the GS108Tv2 doesn’t do configuration according to 802.1Q, for which the GS108PEv3 has a separate tab.

 

The way I understand it, which is why I am happy for you to correct me, if I get this incorrectly, VLAN 1 is the ID on the basis of which the switch behaves like any unmanaged switch. I therefore made Port 6 on the GS108Tv2 neither tagged nor untagged for VLAN 1, because I don’t want that port to carry any of the untagged traffic.

 

I am applying to the GS108Tv2 what I learned from the GS108PEv3: On the GS108PEv3, all ports are untagged for VLAN ID 1. This leads me to conclude that if I make one of those ports neither tagged nor untagged, it will not receive any of the default untagged traffic.

 

On the GS108PEv3 I did not have to mess with the default PVID configuration to get it to behave the way I wanted to. Consequently, I didn't do anything with that set of configurations on the GS108Tv2, either.

 

I hope I did not make things more complicated with this explanation. Still lots of questions remain.

Message 3 of 10
schumaku
Guru

Re: VLAN not propagating to specific port on GS108T


 


@DominikHoffmann wrote:

Part of the problem is that the GS108Tv2, which is old, seems to do it differently from the GS108PEv3, where I have gotten it to work well. Maybe part of the problem is that the GS108Tv2 doesn’t do configuration according to 802.1Q, for which the GS108PEv3 has a separate tab.


Can't agree, the GS108Tv2 is not old from the technology view.  Amazing Netgear has successfully teached the world  that other configs are not 802.1q based VLANs. In German? Pustekuchen 8-)  The GS108Tv2 has just added the Insight cloud management capabilities. 

 

The Netgear Smart switches like the GS108Tv2 and so on are build on basic managed cores and allow configuring a management VLAN, while the Netgear Plus Switches are build on non-managed, but simply configurable platforms.  

 


@DominikHoffmann wrote:

I am applying to the GS108Tv2 what I learned from the GS108PEv3: On the GS108PEv3, all ports are untagged for VLAN ID 1.


it's just a special default configuration, 

 


@DominikHoffmann wrote:
This leads me to conclude that if I make one of those ports neither tagged nor untagged, it will not receive any of the default untagged traffic.

Sure, this makes sense.

 


@DominikHoffmann wrote:

On the GS108PEv3 I did not have to mess with the default PVID configuration to get it to behave the way I wanted to. Consequently, I didn't do anything with that set of configurations on the GS108Tv2, either.


Nothing difficult, not a steep learning curve involved The PVID defines the VLAN untagged frames sent into the port will be assigned to. sure, if all you ever need are port based VLANs, the simplified controls are sufficient.

 

 

Message 4 of 10
DominikHoffmann
Aspirant

Re: VLAN not propagating to specific port on GS108T


@schumaku wrote:



@DominikHoffmann wrote:
This leads me to conclude that if I make one of those ports neither tagged nor untagged, it will not receive any of the default untagged traffic.

Sure, this makes sense.


But the switch doesn’t appear to behave accordingly. I can’t get VLAN ID 5 to come out of Port 6 untagged.

 

@DominikHoffmann wrote:

On the GS108PEv3 I did not have to mess with the default PVID configuration to get it to behave the way I wanted to. Consequently, I didn't do anything with that set of configurations on the GS108Tv2, either.


Nothing difficult, not a steep learning curve involved The PVID defines the VLAN untagged frames sent into the port will be assigned to. sure, if all you ever need are port based VLANs, the simplified controls are sufficient.


I don’t understand then, though, do I need to configure PVID, if I have done, what I did on the VLAN Membership section? Aren’t those competing configurations?

Message 5 of 10
schumaku
Guru

Re: VLAN not propagating to specific port on GS108T

The Netgate 1100 internet gateway is configured to provide multiple VLANs and IP subnet on a trunk accordingly?

Message 6 of 10
DominikHoffmann
Aspirant

Re: VLAN not propagating to specific port on GS108T

Yes, it is. It has worked on a charm.

 

The GS108PEv3 is plugged into the OPT port of the Netgate 1100. The OPT port carries untagged traffic, VLAN ID 5 and 6 traffic. The GS108PEv3 takes that to my EnGenius access points. They serve three SSIDs corresponding to the untagged and VLAN ID 5 and 6 connection.

 

This has worked like a charm.

 

It’s really only the GS108Tv2, which is giving me issues.

 

By the way, the GS108Tv2 is currently on the Version 5.4.2.13 firmware, and I have been unable to get it to update to the latest, which is 5.4.2.36. I will open a new thread on that topic.

Message 7 of 10
schumaku
Guru

Re: VLAN not propagating to specific port on GS108T


@DominikHoffmann wrote:

The GS108PEv3 is plugged into the OPT port of the Netgate 1100. The OPT port carries untagged traffic, VLAN ID 5 and 6 traffic. The GS108PEv3 takes that to my EnGenius access points. They serve three SSIDs corresponding to the untagged and VLAN ID 5 and 6 connection.


This sound wrong in my reading. You probably need VLAN 5 and 6 tagged there?

Message 8 of 10
Retired_Member
Not applicable

Re: VLAN not propagating to specific port on GS108T

@DominikHoffmann 

 

I own a GS108Tv1 and I never have had any issues with it. I do not think its 802.1Q implementation is in any way inferior to those of other switches, but I would stay away from those configuration wizards. As for the default VLAN, you can treat it just like any other VLAN. VLAN1 itself does not make a managed switch behave like an unmanaged switch. It is the factory default configuration of a switch that makes it behave that way. I also have owned a Netgate firewall once and my GS108T worked just fine with it in the router-on-a-stick configuration.

 

I recommend you configure the link ports in your GS108T as follows.

PVID 1, Untagged in VLAN1, Tagged in VLAN5 and VLAN6.

 

Unfortunately, the screenshots you have posted are not visible to me so I cannot comment on them.

 

Good luck!

Message 9 of 10
DominikHoffmann
Aspirant

Re: VLAN not propagating to specific port on GS108T

@schumaku: Your hint to setting the PVID of the port from which I needed to untag default PVID 1 was the pointer in the right direction. I got it all working now.

 

This is my physical setup:

 

GS108Tv2 Physical Wiring (for posting).png

 

Port 1, 5, 7 and 8 are on untagged VLAN 1 ports.

 

These are my GUI configurations:

Screenshot 2023-02-27 at 12.51.40 PM.png

 

Screenshot 2023-02-27 at 12.52.35 PM.png

 

 Screenshot 2023-02-27 at 12.52.48 PM.png

 

 

Screenshot 2023-02-27 at 12.53.01 PM.png

 

 Screenshot 2023-02-27 at 12.55.04 PM.png

 

 

Again, the purpose is to tunnel my 192.168.1.0/24 subnet through a switch upstream from this GS108T, which is on my 192.168.2.0/24 subnet, to this one. I am using a VLAN 101 tag for that. This makes Ports 1, 4, 5, 7 and 8 essentially like an unmanaged switch that’s part of the 192.168.1.0/24 subnet. It also allows me to send VLAN 5 to Port 5, which makes it part of the 192.168.5.0/24 subnet, which is my guest network. I have hooked up my work computer to that, because I don’t want some IT guy from work being able to snoop around my personal setup. I work for a very large employer with very nebulous IT support.

Message 10 of 10
Top Contributors
Discussion stats
  • 9 replies
  • 1509 views
  • 0 kudos
  • 3 in conversation
Announcements