When OPT port set VLAN tag 200, but nontag laptop RJ-45 plug-in to OPT port will obtain IP from SG-1100 DHCP server.
-
I have a question on VLAN setting,
I set SG-1100 OPT port to VLAN tag 200 and enable DHCP server on OPT port, When I use nonTag laptop RJ-45 plug-in to
OPT port, It will obtain IP from SG-1100, If I want to drop nonTag traffic, How can I do it,
Thanks.SG-1100 firmware version: 21.02.2
Topology:
SG-1100 <----OPT ethernet----> nonTag (laptop) 192.168.2.100
Procedure:
- Enable OPT port and set IP address to 192.168.2.1/24
- Enable OPT DHCP server. (Start: 192.168.2.100 to: 192.168.2.200)
- Set OPT port to VLAN 200.
- Add firewall pass IPv4+IPv6 TCP/UDP source OPT net.
ethernet setting:
wireshark capture packets:
packets for nontag_to_VLAN_200.pcapng -
You have to configure the laptop to use that VLAN. If it can't be configured for a VLAN then you'll either have to not use a VLAN for that or get a cheap managed switch (avoid TP-Link) to convert between tagged and untagged.
-
@jknott Thanks for your reply, May I know SG-1100 filter rule can drop nonTag packets ?
-
There is no such rule. VLANs are at L2 and the filters work at L3. What you do is configure the interfaces with VLANs when you need them. For example I have VLAN3 enabled on my LAN interface to support my guest WiFi. Also, my understanding is the Netgate gear does something different with VLANs. I haven't worked with Netgate equipment, so I can't help with that.
