yes - and rebooted and checked that the settings were still there - and the laptop still got an address from the dhcp server on the other vlan

Then its either a bug or an undocumented feature.

Some switches have a "shared" VLAN (the 'other' guys, 3COM), which is the default VLAN (i.e. anything on VLAN 1 is seen by all other VLANs).  I haven't tested VLANs on the RV since I needed exactly this feature, and the usual way of getting it is by using tagged VLAN, which the RV doesn't have.

If it is an undocumented feature its actually good news for me, so if you test it (anything on VLANs different than 1 can't see each other), do let me know... I can't test at the moment whithout disrupting my network.

I just checked, and the VLANs completely isolate each other.

Your problem must be something else, old firmware perhaps?  I'm using the 2.0.0.19-tm version.

Could be something else, your laptop connecting through an Access Point (WiFi) and not the cable as you think.

Hi Rene

Im out of the office this week but changed the config remotely to use VLAN2 and VLAN3 instead of 1 and 2 and got somene to test it for me and it seemed to work ok. I'll try again with VLAN1 & 2 when Im back next week and report back. Im using the same version of firmware as you.

Thanks

Roger.

Hi, I seems to have the same issue with a RV016 router. I tried to put VLAN2 for network 1 and Vlan 3 for network 2, but no matter what I do they still can ping each other (since I am not a network genius I think this is bad !) I got the latest firmware. If you manage to make it work let us know your solution.

Thanks

ok - the VLAN2/3 thing didnt fix the issue - this morning I did a complete factory reset and reconfigured all my settings and now the vlans are isolated EXCEPT for the dhcp relay (must have been a bug that they didnt get isolated the first time around as the settings are exactly the same). I have a dhcp server (domain controller) on the main vlan which provides ip addresses but the RV082 then relays the dhcp requests to all vlans so although the vlans are separated dhcp clients on them use the same ip address range. Does anyone have an idea if theres a telnet command I can use to stop the dhcp relay to a specific vlan?

Thanks

Roger.

I don't agree with your idea, a DHCP server can serve multiple LANs (separated by IP range), so the relay on the RV is doing the correct thing.  The VLANs are separated, the DHCP is comming from the RV which is the only point in common, the same way it serves as gateway to all VLANs.

ok (except a better implementation would be to be able to give different relays to different vlans) -  I have now given vlan2 a different IP range (by turning off the relay and putting a separate dhcp server on VLAN2) the router still routes between the vlans by default (I assume this is caused by the default access rule for lan traffic that cant be turned off as far as I can see) but at least now I can put in an access rule on the firewall that stops commmunication between the different vlan ip ranges.

Would you mind to share how you do the rule in the firewall, as I try and did not find what to do ?

Thanks

Serge

Hi Serge

you need to go to the "firewall" tab and then to "acces rules".

Make sure you know the ip ranges for both vlans

Click on Add New Rule

Action - Deny

Service - All Traffic

Log - Not Log

Source INterface - Lan

Source IP - Range and then set values to ip range of vlan 1

Destinatin ip - Range and then set values to ip range of vlan2

Click on Save Settings

Then repeat but reverse the source and destination ip ranges

N.B. If you have any vopns set up to other destinations include these in the ip ranges or set up additional rules if you want these destinations to be segrgated from one of the vlans as well.

I hopw that helps.

Roger.

Thanks, it is now working like I want ! Except for one thing but I ask it on a new post.

Thanks again

Serge

roger.barrett wrote:
I have now given vlan2 a different IP range (by turning off the relay and putting a separate dhcp server on VLAN2) the router still routes between the vlans by default (I assume this is caused by the default access rule for lan traffic that cant be turned off as far as I can see) but at least now I can put in an access rule on the firewall that stops commmunication between the different vlan ip ranges.

No, that shouldn't happen.

Routing and firewall are two different things, the firewall has no routing functionality, it simply stops traffic or lets it through.

Different VLANs shouldn't see each other, even if they use the same IP range, or have the network mask open to see each other.

Looks like you're back on square one.  My own test showed complete isolation, on the same LAN (I tested with a server connected directly to one port, it was unreachable from the rest of the LAN).

Mr. Berber,

The issue your running into with the RV082, is that it does port base vlans and not true vlans on the device.  However what you have will work. 
All you have to do is create deny access rules in the firewall denying one network to the other one.  Once you do this they will be separate.