11-23-2012 02:49 AM
I can't find an updated version of the Administration Guide for firmware version 1.0.4.17 on the RV220W.
The VLAN Membership screen now allows an "Excluded" option. Does selecting this mean no traffic arriving at that port, regardless of tag status, would be able to reach other members of that particular VLAN?
Sent from Cisco Technical Support iPhone App
11-23-2012 09:16 AM
Good morning.
Thanks for using our forum.
Hi Richard Iemand my name is Johnnatan and I am part of the Small business Support community.
This is a little explanation of vlan tagging, including the “Excluded” option.
-Forbidden: The interface is not allowed to join the VLAN even from GVRP registration. When a port is not a member of any other VLAN, enabling this option on the port makes the port part of internal VLAN 4095 (a reserved VID).
- Excluded—The interface is currently not a member of the VLAN. This is the default for all the ports and LAGs. The port can join the VLAN through GVRP registration (static VLAN is not allowed on port ).
- Tagged—Select whether the port is tagged. This is not relevant for Access ports.
- Untagged—Select whether port is untagged. This is not relevant for Access ports.
- PVID—Port PVID is set to this VLAN. If the interface is in access mode or trunk mode, the switch automatically makes the interface an untagged member of the VLAN. If the interface is in general mode, you must manually configure VLAN membership.
I hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.
Please rate post you consider useful.
Greetings,
Johnnatan Rodriguez Miranda.
Cisco network support engineer.
11-23-2012 10:14 AM
Thanks for your very detailed response Jonathan. My knowledge of this topic isn't quite up to the level required to understand all of it though. (I don't know my GVRP from my Static VLAN)
The RV220W is just a basic SMB router with no "Forbidden" option. Can I also assume GVRP is irrelevant in this case? If that is true, considering this router's limited capabilities, is the answer to my original question YES?
What I'm trying to figure out (in the context of this particular router) is whether machines on say VLAN4 are completely isolated from all traffic on a port where the association with VLAN4 is marked as "Excluded" ... and that nothing (attack or virus) will be able to reach VLAN4 via that port, even though they may reach other VLANs via that same port.
Apologies if it's not clear.
Sent from Cisco Technical Support iPhone App
11-23-2012 11:30 AM
Hi Richard Iemand
You are right !, "exlude port" means that is not goint to be part a member of the selected vlan,
I hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.
Please rate post you consider useful.
Greetings,
Johnnatan Rodriguez Miranda.
Cisco network support engineer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide