Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1401
Views
0
Helpful
4
Replies

RV180W Vlan Problem

brutzelhutzel
Level 1
Level 1

‎12-03-2012 08:54 AM

hi

I have some problems setting up a wlan guest connection over a separat vlan.

My target: WLAN SSID "guest" which is a Member of the VLAN 10 should connect over two Switchs to a Router to the internet as following:

RV180W WLAN-SSID guest [VLAN10] ==> RV180W WAN Port ==> Switch A [Trunk input-Port/Trunk output-Port] => Switch B [Trunk input-Port/VLAN10 Ouptut-Port]

I'm using 802.1q on every Switch

My Question:

- Are the VLAN-Tags even routet from WLAN to the WAN-Port?

- If I Tag the Output-Port on Switch B with VLAN 1 and 10, there is no connection

If this isnt possible, how do I prevent the WLAN-Users for accessing the internal Network? They should only use the internet. At the end, there should be 2 WLAN-SSIDs, one who can connect to the internal Servers, and one who can connect to the internet only. I thought that this would be easy, but it seems, that there is no tagging at all. What am I missing?

Help would be really appreciated:)

Labels:
0 Helpful
4 Replies 4

Tom Watts
VIP Alumni
VIP Alumni

‎12-03-2012 01:59 PM

Hi Joe, when creating there vlans, the router has a feature to enable or disable intervlan routing. If you require vlan 10 no access to your vlan 1, disable this feature.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

brutzelhutzel
Level 1
Level 1
In response to Tom Watts

‎12-04-2012 02:12 AM

Hi Tom

Thanks for your Input, unfortunately it's still not working. I have still access to everything with the VLAN 10. You're sure, that the Cisco-Router route the VLANs too? so from WLAN (VLAN-Subnet) 192.168.100.x VLAN 10 to the WAN-Port 192.168.101.x the Pakets would be still belong to the VLAN 10?

0 Helpful

Tom Watts
VIP Alumni
VIP Alumni
In response to brutzelhutzel

‎12-04-2012 08:23 AM

Joe, I am positive the router will handle the capacity for the inter-vlan routing. The vlan tag wouldn't be carried over the WAN port as it is a NAT interface.

If you break down what you're doing only with the RV180 as the gateway and layer 2 switches behind the router, if you remove intervlan routing when creating the vlans on the router, both vlan have no contact to each other, only the internet, as layer 2 switches won't allow vlans to communication. All intervlan communication takes place at the layer 3 device with the correct default gateways set.

The packets, once hitting the WAN of the RV180 belong to the source it comes from as that is what any device cares about. How you manage traffic beyond the WAN of the RV180 is dependent on the devices upstream if there is more "LAN" to and not the usual "WAN".

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

brutzelhutzel
Level 1
Level 1
In response to Tom Watts

‎12-10-2012 02:48 AM

Behind the WAN Port, there is the Server and the Internet-Router. But I dont want that the VLAN10 can reach both, the Internet AND the Server. VLAN10 should only reach the Internet. But if I loose the tagging after the WAN Port, how could I prevent the VLAN10 to reach the server? Or can I use a LAN-Port as Standardgateway for VLAN10? How is this possible?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents