× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973

Re: GS108Ev3 Cannot set VLAN for management interface

Ra1n
Follower

GS108Ev3 Cannot set VLAN for management interface

I just purchased a GS108Ev3 because I needed some simple VLAN segregation for a small group of machines "down the hall" from my core networking equipment. The switch works great, though there is one key feature I believe to be missing: The IP address of the switch can be staticly defined, but there is no way to configure the VLAN the switch's management interface resides on.

 

With my ProSafe Smart switches that I'm currently using, this is definetly possible: 

GS724T Management Interface:

GS724T VLAN

 

On the other hand, the GS108E clearly lacks this functionality:

GS108E Mangement Interface: (Same basic form is visable in the WebUI; no VLAN setting though!)

GS108E NO VLAN

 

 

Setting the IP address is great... but I need to keep all of the management for my switches on a seperate VLAN for security purposes. Is this a feature that could possibly be added with a future firmware revision? I know the GS108E is a very entry-level switch, but since the switch supports VLANs and managing them on a per-port bases (and trunking), allowing administrators to set the VLAN for the management interface is really an important feature!

Message 1 of 14

Accepted Solutions
DaneA
NETGEAR Employee Retired

Re: GS108Ev3 Cannot set VLAN for management interface

Hi chulio,

 

Welcome to the community! 🙂

 

I think this is by design and not a limitation of the GS108Ev3 since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.


For the alternative, I recommend you the GS108Tv2 or GS110TP switches.

 

To know more about the GS108Tv2 and GS110TP switches, check these links below:

 

GS108Tv2 and GS110TP Product FAQs

 

GS108Tv2 Data Sheet

 

GS110TP Data Sheet

 

 

Regards,

 

DaneA
NETGEAR Community Team

View solution in original post

Message 4 of 14

All Replies
JohnRo
NETGEAR Employee Retired

Re: GS108Ev3 Cannot set VLAN for management interface

Hello Ra1n, 

 

 

Welcome to the community! 

 

It is true that you cannot change the default management VLAN for this model, the switch is only a Prosafe Plus switch and is intended for more simple networks. What you can do is to post a topic on our Idea Exchange Board so that our engineers can see if they will consider adding this feature on future firmware releases. Make sure you hit the kudos(like) button, if it gets enough kudos from users then it can be considered. 

 

Hope that helps, if you have questions feel free to ask. 

 

Thanks, 

 

 

Message 2 of 14
chulio
Aspirant

Re: GS108Ev3 Cannot set VLAN for management interface

Same issue, for my 3x GS108e v3 it doesn't even work for VLAN 1 !

(if a second or third VLAN are tagged on the same port), no GUI management possible.

 

It seems the GS108e takes the VLAN with the fastest DHCP server and then you get an IP you can use for GUI management.

 

https://community.netgear.com/t5/Smart-Plus-Click-Switches/VLAN-configuration-Netgear-GS108E/m-p/102...

 

Is there a solution in the meantime for the GS108e ?

Or which alternative product provides that functionality ?

 

Thanks a lot in advance,

 

Best chulio

Message 3 of 14
DaneA
NETGEAR Employee Retired

Re: GS108Ev3 Cannot set VLAN for management interface

Hi chulio,

 

Welcome to the community! 🙂

 

I think this is by design and not a limitation of the GS108Ev3 since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.


For the alternative, I recommend you the GS108Tv2 or GS110TP switches.

 

To know more about the GS108Tv2 and GS110TP switches, check these links below:

 

GS108Tv2 and GS110TP Product FAQs

 

GS108Tv2 Data Sheet

 

GS110TP Data Sheet

 

 

Regards,

 

DaneA
NETGEAR Community Team

Message 4 of 14
waheuler
Initiate

Re: GS108Ev3 Cannot set VLAN for management interface

I am very disappointed that this handicapping of configuration is considered a design decision or a "feature" as referred to earlier.  I can't help but feel it is merely a cop-out to encourage the purchase of a higher end unit.  Even though most other smart switches at this level have the configuration option that is missing here.

Message 5 of 14
JohnRo
NETGEAR Employee Retired

Re: GS108Ev3 Cannot set VLAN for management interface

Hello waheuler, 

 

Welcome to the community! 

 

I'm sorry to hear about your disappointment on the product. In defense to that, just like what we have mentioned on our previous replies this is a single step from unmanaged switches. It is intended for networks with little or no management needed. These switches have different chipsets and memory that is why we cannot fit everything on this unit. 

 

Thanks, 

 

 

Message 6 of 14
bugmenot2
Apprentice

Re: GS108Ev3 Cannot set VLAN for management interface

Yeah, right. This is not a hardware issue.

Message 7 of 14
bugmenot2
Apprentice

Re: GS108Ev3 Cannot set VLAN for management interface

What I've done with the limitation is (on my "core switch") set the native VLAN on my downstream trunk port  to match my MGMT VLAN (previous example VLAN 48). And then also from within the ProSafe Plus Config Utility set the trunk port's "Port PVID" to 48, and "tag" all VLANs on all trunk ports. The goal is to make your MGMT VLAN and "untagged" VLAN in the eyes of the two devices.

Message 8 of 14
Anguel
Aspirant

Re: GS108Ev3 Cannot set VLAN for management interface


@bugmenot2 wrote:

What I've done with the limitation is (on my "core switch") set the native VLAN on my downstream trunk port  to match my MGMT VLAN (previous example VLAN 48).

 

Do I undestand correctly that you set the trunked port as UNTAGGED for VLAN 48 only and as TAGGED for all other VLANs on you main (not GS108E) switch?

 

Thanks,

Anguel

Message 9 of 14
JohndelStino
Guide

Re: GS108Ev3 Cannot set VLAN for management interface

Sweet lord, I can't even begin to express how bad this design is. I am seriously questioning the sanity of the developer/tester that approved this. Surely there must be some person within the development team that objected to this turd of a design? Give that person a promotion!

 

A switch with it's management interface connected to every VLAN is just bonkers.

 

I purchased this switch as a cheap and small extention of our SMB network for testing purposes. Given I've got our ISP (public) subnet on a particular VLAN which is also in this switch this is very unsafe.  So it seems once again; you pay peanuts, you'll get monkeys.

 

Oh well.. Back to Cisco and HP.

 

I wouldn't recommend this particular Netgear product to anyone.

I've also got a GS108T which seems more robust. I haven't been able to test my GS105E because it seems faulty.

Model: GS108PEv3|ProSAFE Gigabit Plus Switch with PoE
Message 10 of 14
JohndelStino
Guide

Re: GS108Ev3 Cannot set VLAN for management interface

Ok, I got my GS105Ev2 working and it has the same flaw.

 

It seems the insecure management issue is present in the GS***E ProSafe switches.

Message 11 of 14
JohndelStino
Guide

Re: GS108Ev3 Cannot set VLAN for management interface

I found this quote in the manual which is mentioned twice:

 

[quote]

Do not remove all ports from PVID 1, which is the management PVID. If you remove all ports from PVID 1, you cannot access the switch for management. In such a situation, to recover access to the switch, you must reset the switch to its factory defaults settings.[/quote]

 

I seriously doubt the switch(family) really operates this way.

 

My setup: 

 

GS108PEv3 GigabitEthernet1 as Trunk 802.1Q (VLANs: 1T, 4T, 6T, 4093U) PVID: 4093  which is attached to a GS108Tv2 on Gigabit Ethernet1 as Trunk 802.1Q (VLANs: 1T, 4T 6T, 4093U) PVID: 4093

 

Now, in this setup the management interface of the GS108PEv3 isn't reachable through the link from GS108Tv2 switch. However, other nodes on VLAN 1 on the GS108PEv3 switch on other interfaces ARE reachable! So we can safely assume VLAN1 goes through the link tagged successfully. Only when changing the PVID of the GS108Tv2 to 1 is the management interface accessible again. Now this is quite odd and at this time I am unsure about what is going on. What I strongly suspect is that the GS108PEv3 management interface listens to ALL the untagged (PVID) traffic on every eth-interface whatever the PVID may be!

 

One can imagine how careless and unsafe this implementation really is. Quite ironic since the name of the series is ProSAFE.

 

Maybe I will perform some more tests later in the week.

 

 

 

 

 

 

 

Message 12 of 14
gmerb
Tutor

Re: GS108Ev3 Cannot set VLAN for management interface

Same problem on JGS524PE.

This "feature" is mandatory, VLAN is useless if you can't secure your installation !

 

Idem, back to HP / Cisco ...

Message 13 of 14
DaneA
NETGEAR Employee Retired

Re: GS108Ev3 Cannot set VLAN for management interface

@gmerb,

 

Welcome to the community! 🙂 

 

This is by design and not a limitation of the GS108Ev3 switch since its category is a ProSAFE Plus Gigabit switch which adds a configuration layer to the standard unmanaged switch.  

 

Since you find the feature to be mandatory on this switch model, I suggest you to kindly post your concern as a feature request on the Idea Exchange Board for Business here.  In this way, the development team can see what feature does users wanted to be added to the functionality of the product.  Be reminded that the more kudos given by community members to your feature request will help as the development team will be reviewing the post that has the most kudos and will be considered.  

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 14 of 14
Top Contributors
Discussion stats
  • 13 replies
  • 35125 views
  • 43 kudos
  • 9 in conversation
Announcements