Simplest VLAN usage, no luck (screenshots, Cisco SG300)
-
New to VLANs, read a bunch of tutorials but still no luck.
pf
em0_lan
em0_vlan2
cisco sg300
port17 < em0
port18 < modem
Not 100% clear on tagged/untagged, tried both, neither worked.
What am I missing here?
-
In most cases you should never use VLAN1.
If I understand you correctly, your em1 NIC is connected directly to the VDSL-WAN-connection.
em0 should be used with VLAN and one is for the LAN and the other for your modem?
So best thing to do is on em0:
Create two VLANs
VLAN10 for LAN
VLAN20 for modem
If you did so, assign these two VLANs as an interface, add an IP, create firewall rules, enable DHCP server and so on.
VLAN10 and VLAN20 are tagged VLANs.
This means you need a port on your SG300 which is:
A trunk port
VLAN10 is tagged
VLAN20 is tagged
This is the port where you connect the Ethernet cable between em0 and the Cisco SG300 switch.
After this you set up one port on the Cisco as follows:
An access port
VLAN10 is untagged
This is the port where you connect the Ethernet cable to your modem
All other ports on the Cisco switch should be configured as:
An access port
VLAN20 is untagged
-
Big thanks to Nachtfalke, everything is working.
For others who might benefit from this:
VLAN20 untagged = Single port to connect the modem
VLAN10 untagged = Other LAN ports
Nachtfalke made a typo by reversing them at the end of his guide.
-
In some cases, just tagging vlan1 on firewall port should work.
One thing to keep in mind while using vlans, never configure a port with tag and untag ids. ;)
att,
Marcello Coutinho
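
An added illustration, not part of the thread: a simplified model of 802.1Q tagged/untagged forwarding for the port plan discussed above, comparing the mapping reported as working with the two access VLANs swapped. Ports 17 and 18 come from the first post; `port1`, the function names and the drop-on-non-member behaviour are assumptions of this sketch.

```python
# Simplified 802.1Q forwarding model for the thread's port plan (added example).
from dataclasses import dataclass, field
from typing import Optional

LAN, MODEM = 10, 20   # VLAN roles as created on pfSense em0 in the thread

@dataclass
class Port:
    name: str
    untagged: Optional[int] = None              # access VLAN, also used as PVID
    tagged: set = field(default_factory=set)    # VLANs sent with an 802.1Q tag

    def vlans(self):
        return self.tagged | ({self.untagged} if self.untagged is not None else set())

def egress(ports, ingress, tag=None):
    """Flood one frame entering `ingress`; return (vlan, {port: 'tagged'|'untagged'}).
    Assumption: frames for a VLAN the ingress port is not a member of are dropped."""
    src = ports[ingress]
    vid = tag if tag is not None else src.untagged
    if vid is None or vid not in src.vlans():
        return None, {}
    out = {p.name: "tagged" if vid in p.tagged else "untagged"
           for p in ports.values() if p.name != ingress and vid in p.vlans()}
    return vid, out

def mixed_ports(ports):
    """Ports that are both tagged and untagged members (the last reply's rule)."""
    return [p.name for p in ports.values() if p.tagged and p.untagged is not None]

def plan(modem_vlan, lan_vlan):
    # port17/port18 are from the first post; port1 is a hypothetical LAN port.
    ports = [Port("port17", tagged={LAN, MODEM}),     # trunk to pfSense em0
             Port("port18", untagged=modem_vlan),      # modem
             Port("port1", untagged=lan_vlan)]         # any other LAN port
    return {p.name: p for p in ports}

working = plan(modem_vlan=MODEM, lan_vlan=LAN)   # mapping reported as working
swapped = plan(modem_vlan=LAN, lan_vlan=MODEM)   # access VLANs reversed

if __name__ == "__main__":
    for label, ports in (("working", working), ("swapped", swapped)):
        print(label, "pfSense -> modem VLAN:", egress(ports, "port17", tag=MODEM))
        print(label, "modem -> switch:", egress(ports, "port18"))
        print(label, "mixed ports:", mixed_ports(ports))
```

In the swapped plan the modem's frames reach pfSense tagged as VLAN 10, the LAN interface, while traffic pfSense sends on VLAN 20 is delivered untagged to the LAN port instead of the modem.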