NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

vlan

18 Topics

M4300 routing table Next Hop is Mgmt IP
Apologies for the dumb question: I have two M4300's stacked together with three VLANs configured. VLAN 10 has range 10.0.10.0/24, the gateway is (supposed to be) 10.0.10.1 and the management interface is at 10.0.10.252. However, the routing table for 10.0.10.0 shows the next hop as 10.0.10.252 which must have been set when I chose that IP for the management interface. I was expecting it to be the gateway not the management interface? In "IPv4 Management VLAN Configuration", The management VLAN is 10, Routing Mode is enabled, the IP Address/Subnet Mask are as above and the Gateway is 10.0.10.1. I can ping devices on VLAN10 including the management interface, but not the Gateway. Neither can I ping anything on the other VLANs. Is this normal or have I messed up my config somehow?
Rich7475
Sep 05, 2025 Place Managed Switches
26Views
0likes
2Comments
IP ACL Vlans MG5300
Hello, I would like to implement IPv4 ACL policies in a Vlan segmentated network. My core switch is an M5300-28G ProSafe 24-port Gigabit L2+ with 10 Gigabit Stacking, 10.0.0.44, B1.0.0.5. I have the following vlan on the MG5300: Vlan1 192.168.0.0/24 - Servers + Internet Gateway Vlan10 192.168.10.0/24 Vlan20 192.168.20.0/24 Vlan30 192.168.30.0/24 Vlan40 192.168.40.0/24 Vlan50 192.168.50.0/24 Vlan60 192.168.60.0/24 Vlan70 192.168.70.0/24 - Printers I need to implement: Vlan10 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan40, vlan50, vlan60 Vlan20 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan10, vlan30, vlan40, vlan50, vlan60 Vlan30 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan10, vlan40, vlan50, vlan60 Vlan40 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan10, vlan50, vlan60 Vlan50 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan40, vlan10, vlan60 Vlan60 Acces to vlan1 (to permit access to Servers and Internet) Access to Vlan70 (to permit access to printers) No Access to Vlan20, vlan30, vlan40, vlan50, vlan10 Which is the best way to implement this requirements ? Thanks so much !
fjsanchez
Apr 04, 2018 Place Managed Switches
1.7KViews
0likes
3Comments
GSM5212 voice VLAN killing LAN access for Yealink T42S phones
Objective - I'm trying to set up 3 T42S phones for a 3cx pbx installation on an OVH vps in STUN configuration behind a Netgear M4100-D12G switch using the Auto-Voice VLAN. The router is a Netgear R8000P configured with reserved IPs for each phone. The Problem - When any of the phones are reset for provisioning, network availability is permanently lost and can be recovered only by a hard factory reset. I isolated the problem by removing the ports used by the phones from the Auto-Voice vlan and network connectivity for the phones was restored after provisioning. I would really appreciate suggestions that would allow me to reinstate the Auto-Voice vlan feature.
lcs0500
Jan 15, 2018 Place Managed Switches
2.9KViews
0likes
7Comments
Need help creating vlan (802.1Q)
I have a GS724Tv2 switch which currently has all appliances connected on vlan1. The firewall appliance is connected to port1 and I have a wireless access point (AirPort Extreme) on port10. Its my understanding that the AP’s regular traffic is untagged and the guest traffic is tagged 1003. I am attempting to pass regular traffic from the AP on vlan1 untagged and guest traffic on a new vlan (vlan1003). I created the new vlan (vlan1003) and assigned port1 and port10 both tagged. Both these ports are also still assigned to vlan1 untagged. When I do this it appears that all traffic to the firewall is being blocked on vlan1 and vlan1003 is still not connecting. What did I miss?
wgstarks
Jan 02, 2018 Place Managed Switches
1.2KViews
0likes
3Comments
M4100-D12G Configuring VLANs with shared Internet access
My switch is a GSM5212 with v. 10.0.2.26, (B1.0.1.1) firmware. I am tryng to configure routing VLANs with shared internet access using the guide at :- https://kb.netgear.com/30818/How-to-configure-routing-VLANs-on-a-NETGEAR-managed-switch-with-shared-internet-access I have followed the guide exactly and DHCP is working on all three VLANs but I am not able to configure the routing on my firewall and cannot be sure that I have the switch totally correct as I cannot ping the firewall from either of the VLANs not directly connected, even though the default route in the switch is set to the firewall port address. I would be grateful if somebody could please help with diagnosis of my errors!!!
Solved
Budgie4
Oct 24, 2017 Place Managed Switches
1.8KViews
0likes
3Comments
MAC Based VLAN question
I currently have an M4300-52G-PoE+ switch stack consisting of 4 switches. Right now I have ports 1-18 on each assigned to VLAN 1 and Ports 19-48 assigned to VLAN 5. Each VLAN has their own DHCP Scope on our Windows Server 2012 R2 DHCP Server, with VLAN 1 being 10.1.0.1/255.255.255.0 and VLAN 5 being 10.1.12.1/255.255.254.0 We keep all of our company printers on VLAN 1 with IP reservations on our DHCP server in the 10.1.0.X range. Last week I accidentally moved one of the Printers from a port on VLAN 1 to a port with VLAN 2 membership. My question is, could I have used the MAC Based VLAN feature on my switch to avoid this? Can I simply add the MAC addresses of all of my printers into the MAC Based VLAN Configuration table, and no matter what port I plug them into they will automatically get VLAN 1 assigned to them? If that is the case, do I need to add VLAN 1 as TAGGED to all of the ports that it is currently not UNTAGGED on? Any information would be greatly appreciated. TedW
TedW
Aug 15, 2017 Place Managed Switches
4.3KViews
0likes
1Comment
GSM7224P VLAN Routing and DHCP issues
Hi My pc O/S - WIndows 10 Pro, Firmaware of switch - 10.0.1.21, live office envionment. This switch does vlan routing for our 4 vlans. I have attempted to move the vlan routing to a different switch (HP) but inorder to do so i have to remove the entry from this switch and then enter then in the HP switch. This should produce an instant migration however the network (all HP switches) takes several hours to update and i had to put the VLAN routing back onto the netgear switch. Since then we have had speradic DHCP issues and DNS issues which were not around prior to the attempted migration. On a network with approximately 250 units the DHCP requests recieved is now 701308 and climbing rapidly, the requests relayed however is far less at 90746 and it has Zero (0) packets discarded. DHCP relay is enabled and is pointing to the correct DHCP server. If you connect a laptop to any of the VLANS it works and gets an address, plug anything else in (raspberry pi, mitel phone) then they struggle to get an IP address. DHCP server is not the issue. 1) Why is there a difference between the DHCP recieved and those relayed? 2) Why would DNS and DHCP issues be occuring after vlan routing is put back as before? IS this the ARP tables in the switches? 3) Can you give me any pointers as to why moving VLAN Routing would cause network wide black out for x hours when another vlan works fine on the 2nd switch? 4) Can you recommend any network software that i could use to find issues on our network, such as a broken switch or somehting issuing large amounts of network packets - please not wireshark. I have uploaded the files from the swtich to switch_support@netgear.com Any help is greatly apopreciated
Solved
Fusion98
Jul 11, 2017 Place Managed Switches
7.5KViews
0likes
7Comments
Howto change management vlanid on gs724T
Hi guys, I am trying to modify the management vlan vlanid from 1 to 2500 on a GS724Tv4. Firmware version : 6.3.1.19 I have configured a port (23) with PVID 2500, member of vlans 1 and 2500. Other ports have PVID 1. Then I modified the IP configuration and set the Management VLAN ID from 1 to 2500. When I do that, I loose control of the switch. Could you help me find what have I done wrond please ? Thanks Regards Fernand
Solved
sosfc
Jun 23, 2017 Place Managed Switches
13KViews
0likes
3Comments
M4300-24X24F VLAN's, ACL and separation
Good day all, I have found an article, but as soon as I try to set the rules according to the article I lose all connection to the switch and need to undo the ACL using the console cable... https://kb.netgear.com/30818/How-to-configure-routing-VLANs-on-a-NETGEAR-managed-switch-with-shared-internet-access I have a stack of 2x M4300-24X24F, which contains several VLAN's: 1, 20, 90, 91 and 101 Now all theses VLAN,s should not be able to route to eachother, except for VLAN 20 to a few hosts in VLAN 1, and theses few hosts in VLAN 1 to all of VLAN 20. So what is the best way to configure this? Or did I really make a big mistake and should I have gone for HP instead?? (At least on our old HP switch routing is opt-IN instead of opt-OUT?) Sorry to say, but even budget TP-LINK has a more intuitive interface...
XanderVR
May 15, 2017 Place Managed Switches
7.2KViews
0likes
8Comments
Trying to change Switch to get DHCP address on Vlan 10 or assign it a static on VLAN 10
Hello, I'm not familiar with Netgear VLANs. My default data network is on vlan 10. My network has all the vlans controlled through the firewall (I do not want any routing through the switch between vlans). The firewall passes out DHCP on VLAN 10 , 20 etc. I have the switch plugged in to port 1 all vlans tagged, PVID 10. With the switch connected on port 1 configure with all vlans tagged, pvid vlan 10 the switch doesn’t get an IP but it does let attached workstations get a vlan 10 dhcp address and they can get to the internet. With the switch connected on port 1 configure with all vlans tagged, pvid vlan 10 and VLAN 1 removed from the port the switch doesn’t get an IP but it does let attached workstations get a vlan 10 dhcp address and they can get to the internet. With the switch connected on port 1 configured with vlan 10 untagged, pvid 10 – I get no ip on the switch but a vlan 1 dhcp address on the workstation. I’ve tried changing the VLAN management VLAN but all I can do is change the down arrow – to vlan 10 – I can’t set the vlan management IP and changing it to 10 doesn’t let it get a dhcp on vlan 10 it still gets it on vlan 1 I do not normally delete the default VLAN but I don’t see how to assign an IP to each vlan on the switch either. Typically I assign the firewall the first Ip in the subnet –e.g. 10.200.272.1 and the first switch or stack the .5 address. The switch is on the current firmware. The switch can get to the internet and the workstation connected to it can also get to the internet. Let’s focus on the switch please (I have 30 other firewalls – same model connected to excite, cisco, avaya and alcatel switches with nearly identical vlans so please don’t get distracted by the firewall. I’m not saying that there is a problem with the netgear design – just that I’m not familiar with it but I’m extremely familiar with firewalls so let’s net get distracted by the firewall part of the equation. I’ve done something wrong on the switch – not the firewall so I could use help with the switch please as I’d like to learn netgear as well. I see a place to add an IP to a port and if I do, technically I can ping it but I'm concerned about routing issues that may create as on other systems I assing IPs to a switch not a specific port. So typically I can assign 10 vlans IPs on different segments to the switch. As far as I can see I can only assign one IP to a port.
boe
Mar 20, 2017 Place Managed Switches
2.1KViews
0likes
2Comments