Simplest VLAN usage, no luck (screenshots, Cisco SG300)

Guest

New to VLANs read a bunch of tutorials but still no luck.

pf
em0_lan
em0_vlan2

cisco sg300
port17 < em0
port18 < modem

Not 100% clear on tagged/untagged, tried both, neither worked.

What am i missing here?

Nachtfalke

In most cases you should never use VLAN1.

If I understand you correct your em1 NIC is connected directly to the VDSL-WAN-connection.
em0 should be used with VLAN and one is for the LAN and the other for your modem ?

So best thing to do is on em0:

Create two VLANs
VLAN10 for LAN
VLAN20 for modem

If you did so create assign these two VLANs as an interface, add an IP, create firewall rules, enable DHCP server and so on.
VLAN10 and VLAN20 are tagged VLANs.

This means you need an port on your SG300 which is:
A trunk port
VLAN10 is tagged
VLAN20 is tagged
This is the port where you connect the ethernet cable between em0 and the cisco SG300 switch.

After this you setup one port on the cisco as follows:
An access port
VLAN10 is untagged
This is the port where you connect the ethernet cable to your modem

All other ports on the cisco switch should be configured as:
An access port
VLAN20 is untagged

Guest

Big thanks to Nachtfalke, everything is working.

For others you might benefit from this:
VLAN20 untagged = Single port to connect the modem 
VLAN10 untagged = Other LAN ports

Nachtfalke made a typo by reversing them at the end of his guide.

marcelloc

In some cases, jut tagging vlan1 on firewall port should work.

On thing to keep in mind while using vlans, never configure a port with tag and untag ids.  ;)

att,
Marcello Coutinho