Web and Unmanaged
1745798 Members
3548 Online
108722 Solutions
New Discussion

Re: VLANs 1920 Setup

 
rnichols
Visitor

VLANs 1920 Setup

I am totally new to how to even fathom how to setup this up.  This is for a home enviroment I have a 1920-24G core switch that I want to vlan it is talking to MikroTek RB3011 that does vlan tagging as well.  I wanted to setup vlan for the main network that the kids cannot get to, and then a kids/guest one.  I also have an access point Ubiquti AC Pro, that does VLAN as well and was going to route all that thru the switch.  

I will be adding a 2nd switch for the cameras and adding another vlan at some point, and that would need to go to the main vlan.  Where do I start in figuring out how to accomplish this?  

Also can the vlans be used to do like a vlan for printers that both vlans can access but they cannot see each other?

 

Thank you

 

6 REPLIES 6
16again
Respected Contributor

Re: VLANs 1920 Setup

Did you already look at the pdf manual? Vlan chapter starts at page 146 (out of 547)
Remember to use trunk mode instead of hybrid on port carrying multiple VLANs

rnichols
Visitor

Re: VLANs 1920 Setup

How do i keep from loosing access to the switch while I am configuring the ports?  The computer ports are normally what untagged? then the trunk mode for like the access point and router and the other switches..

 

thank you

-TM-
Advisor

Re: VLANs 1920 Setup

Access Ports ('untagged') are to be assigned to a single VLAN for a single Device, like PCs or Printers.

Trunk Ports ('tagged') can handle traffic for multiple VLANs and are connected to Routers and Switches which must have configured a Trunk port itself. For each VLAN you will need a virtual interface on the router to communicate with those Clients and route traffic to somewhere with routing to the internet or drop packets e.g. for inter VLAN communication.

When you configure the ports, configuration will change. e.g. IP addresses. This might be the reason why you get disconnected. Connect your PC to a single port, you don't assign and configure the switch. Connect other devices to those ports you configure. I'm using 2 raspberry pie for testing my ports.

Vince-Whirlwind
Honored Contributor

Re: VLANs 1920 Setup

You first need to decide which devices are in which "zones", and then assign them their physical ports, then record which "zones" the physical ports are going to be in.

You need to decide where the routing is going to be done for each of the VLANs - either the switch, or the router. 

If you are doing all your routing on the router, then you need to configure a trunk between switch and router that will carry all the VLANs. Each VLAN on the router should be given the IP address that is the router IP address for that VLAN's subnet. The switch should only have one IP address, probably an IP address on the "Main" VLAN, so you can manage it.
Then, on the router, you need to create an access list on the "Guest" VLAN interface, preventing it from reaching the "Main" subnet".

If you do the routing on your switch, then you should create an additional VLAN which will be for the subnet that goes between your switch and your router. No other VLANs should go to the router. The switch VLAN interfaces have each subnet's router IP address.

In either case, you will need a DHCP-forwarder on each subnet, pointing at your DHCP server.

If you create a separate VLAN for printers, it will be accessible to all so long as you don't put an access list on it.

rnichols
Visitor

Re: VLANs 1920 Setup

I have tried this, I cannot seem to get the DHCP to work, and if I do a static IP it wont find the router, I have a DHCP relay setup, I have the VLAN interface setup with the IP address.. I guess I'm missing something, any ideas as to what I screwed up?

rnichols
Visitor

Re: VLANs 1920 Setup

Anymore ideas? I cannot seem to get the DHCP traffic to flow nor the internet.  I have tried setting them up like described here, but I must be missing something.

Thanks