Hi all, I'll start by saying that I'm very new to this type of thing. I have a very simple home network and I just want to isolate 1 PC on a VLAN from everything else.
I have an R6700 router plugged into port 1 on a GS308e switch. I want to isolate port 4 on the switch on VLAN40 but still have internet access on all ports.
In 802.1Q Adavnced>VLAN Config, I have:
VLAN1: 1,2,3,5,6,7,8
VLAN40:1,4
VLAN Membership:
VLAN1: ALL ports = U except Port 4 =off
VLAN40: Port 1 = U, Port 4 = T, everything else = off
In Port PVID:
All ports are PVID = 1 except Port 4 where PVID = 40
In this config everything but the Port 4 has internet access
If I change PVID of Port 1 to PVID=40, Port 4 gets internet acess but nothing else.
I feel like I'm doing something drastically wrong but not sure what. I played with the tagging and untagging but didnt really get anywhere. Or I'm just fundamentilly not understanding the concept of tagged vs untagged.
Any help would be appreciated.
Model: GS308E|8 Port Gigabit Ethernet Smart Managed Plus Switch
I feel like I'm doing something drastically wrong but not sure what. I played with the tagging and untagging but didnt really get anywhere. Or I'm just fundamentilly not understanding the concept of tagged vs untagged.
Neither. In a strict 802.1q VLAN, permitting a correct configuration*, each VLAN is a completley isolated network. *You can't have a port like #1 participating untagged in two different networks.
There exist (at least in theory) some kind of so-called hybrid or asymmetrical VLAN. Netgear does not explicitly support it, and I'm not aware of a related KB entry.
You require three VLANs:
One spanning all ports untagged (e.g. VLAN 1),
one spanning all "normal" ports untagged (e.g VLAN 10, PVID 10), and
one spanning all "special or Internet-only" port(s) untagged (e.g. VLAN 20, PVID 20).
The router port has all three VLANs untagged, and PVID 1.
