cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2931
Views
10
Helpful
11
Replies

sg350-10p 3 VLANs for unfi AP on to 1 port

finn
Level 1
Level 1

Trying to set up sg350 with 3 or 4 vlans from pfense box onto 1 port for distribution to a Unifi AP to provide 3 separate wifi networks - VPN, Clear-net and guest.

On vlan membership nothing seems to work  setting 3 vlans to share the port as can be done in on the sg300 - 1 vlan is ok but more seems to be ignored.

Vlan 10,20,30,40 created and can be set to separate ports but combined to one port is a problem.

Can anyone help out a numpty?

1 Accepted Solution

Accepted Solutions

Hi,

Here some misunderstanding the PVID concept with SG series. This is not a Private VLAN. 

 

The PVID of a port is the VLAN id that will be assigned to any untagged frames entering the switch on that port (assuming the switch is using port-based VLAN classification). This is a concept that is defined in IEEE 802.1Q.

 

PVID.png

 

 

 

 

 

 

 

 

 

You can set the Untagged VLAN then PVID will auto-selected on a Trunk port. 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

View solution in original post

11 Replies 11

Seb Rupik
VIP Alumni
VIP Alumni

Hi there,

Sounds like the switchport is not in mode trunk.

Can you share the running config of the switch to confirm?

 

cheers,

Seb.

Thanks that seems to be it when trunk mode enabled the vlans are there - totally missed that bit

Thanks!

Glad it was an easy fix. Please mark this post as solved.

 

cheers,

Seb.

One other point I"m not able to get.

Ive got ports with 10U 20U 30U 40U each what I want is 10UP etc etc

port 5 10U 20T 30T 40T what I want is 10UP 20T 30T 40T

 

I seem to be missing where to change from U to UP cant see it within port vlan membership - not clear to me where this is even tho the key for suffix is in the port vlan membership

 also cant seem to find a way to be able to have the greyed out bits of the bottom of this frame - i'm working from a guide for sg300 and the sg350 interface seem way different

Screenshot_2019-04-14 Edit Interface Settings.png

 

This is what I'm aiming for

 

pfSense router on a stick VLAN configuration with a Cisco SG300.png

Hi there,

The 'P' denotes that the VLAN is a private VLAN. Without seeing the full config I would imagine that VLAN 10 is a private VLAN configured to run in isolation. So in your config. switchport with 10UP, is configured to place untagged frames in VLAN10 and prevent that traffic from communication with other hosts in VLAN10.

Take a look at this guide on how to set it up:

https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-350-series-managed-switches/smb5827-configure-vlan-interface-settings-on-a-sx350-sg350x-or-sx550.html

Or (page 277):

https://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbms/350xg/admin_guide/AG_Tesla_350_550.pdf

 

cheers,

Seb.

Thanks for your reply.

Unfortunately I cant seem to access the switch to do anything! Been trying of hours and nothing. Pings reply - dedicated connection on 192.168.1.254 but everything else fails no web page ssh refused no telnet. I reset it and still nothing from any port even though its connected and pings

Any Ideas? 

Update,

Hours later....

For some reason I cant work out if an connection is set to 192.168.1.253 and connected (ifconfig gives address as 192.168.253 pings ok) the web config page @ 192.168.1.254 connects.

Ive no idea whats going on here but something seems flaky and unstable as it was previously working with 254 set.

Anyways, am still getting nowhere trying to assign a vlan UP (untagged/private) in vlan membership. Private VLAN settings does not seem to change it to P in port vlan membership table.

 

Trying to follow and create this setup https://nguvu.org/pfsense/pfsense-router-on-a-stick-with-sg300/

Any ideas

 

 

Hi,

Here some misunderstanding the PVID concept with SG series. This is not a Private VLAN. 

 

The PVID of a port is the VLAN id that will be assigned to any untagged frames entering the switch on that port (assuming the switch is using port-based VLAN classification). This is a concept that is defined in IEEE 802.1Q.

 

PVID.png

 

 

 

 

 

 

 

 

 

You can set the Untagged VLAN then PVID will auto-selected on a Trunk port. 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

Thanks for the help!

seems to be working now after I changed the single vlan ports back to level 2 - the design I had was for them to be level3 - no idea if that was the problem tho but non of them show as UP just untagged and cant find a way to get to UP,  but hey if it works then I don"t care.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: