Re: RV340 + wireless access point: configuring VLANs for wireless clients

MNo3853 · ‎03-14-2021

I have Cisco RV340 as router and a Ubiquiti Wireless access point. I want to separate different clients to their own VLANs and limit their connectivity between VLANs (e.g. not allowing IoT devices to communicate to other VLANs).

My wireless AP is currently connected to LAN1 in RV340. All connected wireless clients are in VLAN1 at the moment.

I can set static ip addresses for devices once they are part of VLAN1. If I create more VLANs and try to set static IP address to those it will not work. The device will still stay in VLAN1 even if I do that.

So the question is: what should I do to assign connected clients to their own VLANs and still allow the to connect to WAN? After I would be able to set the device into their own VLANs I should be able to limit their access to other VLANs by setting firewall rules. But as long they all stay in VLAN1 it is not possible.

Thanks.

Sujoy Paria · ‎03-19-2021

Hi,

It seems the VLAN tagging on the LAN ports are not configured properly. If the connected end device on the RV340 Router LAN is not capable to understand the VLAN tagging, then you can configure that port as untagged for that respective VLAN and exclude the other VLANs or marked the other VLANs as tagged.

For Example, VLAN 1 will be untagged (U) for LAN1 port of RV340 and VLAN2 will be untagged (U) for LAN2 port of RV340. You may enable the DHCP for those VLANs or assign the IP statically for the users connected in those VLANs.

You may refer the below mentioned link to understand the VLAN tagging configuration in RV340 series Router:

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/1393-Inter-VLAN-Routing-with-Targeted-ACL-Restrictions.html