VLAN routing on GS108Tv2
I am trying to configure my new GS108TV2 ProSAFE 8-port switch to give internet to different VLANs and I read all the documentation on this and I am still not able to have it work.
As an example, I want 2 VLANs, 4 and 5. VLAN 4 has port 1 and 2 as untag and VLAN 5 has port 1 and 3 as untag. The PVIDs for port 1 is set to Admit All and port 2 and 3 on VLAN Only with PVID for port 2 equal to 4 and PVID for port 3 equal to 5.
I plug the external internet provider cable in port 1. Port 2 and 3 do not have any internet as I would expect.
Can you help me?
Re: VLAN routing on GS108Tv2
Welcome to the community!
The GS108Tv2 is a L2 switch, which means it does not do VLAN routing. In this setup you would need a L3 switch or another equivalent device to do the routing across VLANS and out to the internet and back in.
If this is your internet provided cable router, does is have the ability to do more than one Subnet and does it understand VLANS?
What is the purpose for multiple VLANS? The general rule is one VLAN per subnet - if you need more than the standard /24 and want more addresses, dont increase the VLANS, increase the subnet tied to it.
With a 2 port Router/FW that does support VLANS and multiple DHCP scopes, you could create like this:
VLAN 4 - Subnet Scope of 192.168.4.0/24 - Assigned to port 1 on the FW and going to port one on switch that is untagged VLAN 4 with PVID of 4.
VLAN 5 - Subnet Scope of 192.168.5.0/24 - Assigned to port 2 on the FW and going to port three on switch that is untagged VLAN 5 with PVID of 5.
Divide the rest of switch ports between VLAN 4 and 5 for end users to plug into.
If you are only using one port inbetween the FW/Router and the switch you will need to trunk the port, untagged for VLAN 4 and tagged with VLAN 5. The the interconnecting port on the switch would need to be a trunk port also, say port 1 - you could then segregate the switch ports say 2/3 to VLAN 4 and 3/4 to VLAN 5.
If your cable router does not support VLANS or multiple subnet scopes you will need a L3 device.
We have some good small VPN firewalls such as the FVS336G that you could use for this purpose.
It can do VLAN's and multiple subnets, you could then even place your cable router in modem mode only if it supports it and let the FVS336G act the FW/Router that owns the public IP and does the L3 routing for the two VLANS and out to the internet.
There are still other options you could use, such as keeping your cable router and using a L3 switch inbetween. In this scenario your L3 switch would be the GW and own the L3 interfaces, and you would just need to use static routing inbetween the cable router and L3 switch - as the cable router would not know about the downstream VLANS, you just forward all traffic to the L3 switch and let the switch route to the downstream L2 switch and user devices.
I hope that makes sense and helps but if you need any more assistance or explanation please dont hesitate to reach out.
NETGEAR® SE, UKI & Nordics
Re: VLAN routing on GS108Tv2
Thanks a lot for our comment. It is very appreciated. The goal is to have multiple network physically isolated, having access to the internet. You confirmed to me what I thougth. I need a layer 3 switch. I though it was one because I bought the 24-port version and it has routing. Sadly enough, the version 8-port to not have this functionality. I will send it back and buy a layer 3 switch as my provider do not have VLAN management.
Thank you again!
My best regards,