Re: RV320 port-based vlans

supersupport · ‎07-22-2013

Hello fellow routing and switching enthusiasts.

I need to setup port-based vlans on my RV320, but I'm having a problem saving a simple change from factory setup.

The "before" VLANs-to-ports assignment (per Port Management -> VLAN Membership) is factory default, ie:

a) VLAN ID 1 on ports LAN 1, LAN 2, LAN 3, LAN 4, untagged. With IP subnet 192.168.1.0/24

b) VLAN ID 25 on ports LAN 1, LAN 2, LAN 3, LAN 4, tagged. With IP subnet 192.168.2.0/24

c) VLAN ID 100 on ports LAN 1, LAN 2, LAN 3, LAN 4, tagged. With IP subnet 192.168.3.0/24

The "after" VLANs-to-ports assignment setup I would like to achieve is as follows:

a) VLAN ID 1001 on port LAN 1 only, untagged. Will eventually become subnet 192.168.11.0/24

b) VLAN ID 1002 on port LAN 2 only, untagged. Will eventually become subnet 192.168.12.0/24

c) VLAN ID 1003 on port LAN 3 only, untagged. Will eventually become subnet 192.168.13.0/24

d) VLAN ID 1004 on port LAN 4 only, untagged. Will eventually become subnet 192.168.14.0/24

The "process" I tried, to make my first move, was as follows:

The RV320 initially has IP address 192.168.1.1, accessible from all ports: LAN 1, LAN 2, LAN 3, LAN 4.

My laptop is connected to port LAN 1, with IP 192.168.1.2

I then tried to use Port Management -> VLAN Membership to exclude just VLAN 1 from port LAN 2 (seemingly trivial right ?).

But that always fails. I can indeed select this option via the dropdown menu, but every time I try to save this, I get an error:

"A VLAN port can only be tagged to one VLAN ID (LAN 2)".

This implies that all ports must always be configured to accept default VLAN 1, untagged, so I can never assign different untagged vlans to any ports.

Alternatively I am missing something, but what is it ?

.

naarjuna · ‎07-22-2013

Hi Peter,

Try to do the following steps:

1) Add all the Vlan's that you need (1001, 1002, 1003, 1004) and click Save.

2) Change the other Vlan's to Excluded, except the one that you need as untagged.

3) Do the same for the remaining Vlan's and it should work.

Hope this helps,

Let me know if you need further assistance.

Thanks,

Naresh Arjunan

supersupport · ‎07-23-2013

You were half way there, and that encouraged me to experiment with different ways and determine the correct process, which was as follows:

The "before" VLANs-to-ports assignment (per Port Management -> VLAN Membership) is factory default, ie:

a) VLAN ID 1 on ports LAN 1, LAN 2, LAN 3, LAN 4, untagged. With IP subnet 192.168.1.0/24

b) VLAN ID 25 on ports LAN 1, LAN 2, LAN 3, LAN 4, tagged. With IP subnet 192.168.2.0/24

c) VLAN ID 100 on ports LAN 1, LAN 2, LAN 3, LAN 4, tagged. With IP subnet 192.168.3.0/24

The "after" VLANs-to-ports assignment setup I achieved is as follows:

a) VLAN ID 1001 on port LAN 1 only, untagged. Became subnet 192.168.11.0/24

b) VLAN ID 1002 on port LAN 2 only, untagged. Became subnet 192.168.12.0/24

c) VLAN ID 1003 on port LAN 3 only, untagged. Became subnet 192.168.13.0/24

d) VLAN ID 1004 on port LAN 4 only, untagged. Became subnet 192.168.14.0/24

PROCESS:

First relocate laptop-to-router ethernet connection from LAN 1 to LAN 4.

Access Port Management -> VLAN Membership and reduce some complexity by deleting factory VLANs 25 and 100. Leaves VLAN 1 Default on all ports, untagged.

Stick with Port Management -> VLAN Membership and add new VLANs 1001, 1002, 1003 and 1004.

Stick with Port Management -> VLAN Membership and use simultaneous-2-vlan-editing explained below to replace VLAN 1 with a new vlan, on each port, untagged, ie:

a) config both VLAN 1 on port LAN 1 excluded, and VLAN 1001 to port LAN 1, untagged -> Save

b) config both VLAN 1 on port LAN 2 excluded, and VLAN 1002 to port LAN 2, untagged -> Save

c) config both VLAN 1 on port LAN 3 excluded, and VLAN 1003 to port LAN 1, untagged -> Save

d) do not mess with vlan 1004 or port LAN 4 at this stage or you'll lose your connection, and it's not obvious how to get it back.

###################################################################################

#

# Simultaneous-2-vlan-editing is where you:

#

# a) Check the box next to 2 vlans (VLAN 1 and VLAN 1001 for example) and then click edit.

#

# b) Configure VLAN 1 "Default" to be excluded from port LAN 1,

# and

# configure VLAN 1001 to be untagged on port LAN 1

#

# c) Then click save.

#

# By saving both of the changes to port LAN 1 simultaneously, we satisfy the requirement

# that there is always an untagged vlan bound to port LAN 1.

#

###################################################################################

Configure Setup -> Network -> Multiple Subnet Table and change the default subnets which got auto assigned to new vlans, ie:

a) IP 192.168.4.1 subnet 192.168.4.0/24 got auto assigned to vlan 1001 on port LAN 1.

Change IP to 192.168.11.1, change subnet to 192.168.11.0/24

b) IP 192.168.5.1 subnet 192.168.5.0/24 got auto assigned to vlan 1002 on port LAN 2.

Change IP to 192.168.12.1, change subnet to 192.168.12.0/24

c) IP 192.168.6.1 subnet 192.168.6.0/24 got auto assigned to vlan 1003 on port LAN 3.

Change IP to 192.168.13.1, change subnet to 192.168.13.0/24

Change laptop IP to 192.168.11.2, relocate my laptop-to-router ethernet connection from LAN 4 back to LAN 1, reconnect to router on 192.168.11.1

Finish up with:

Port Management -> VLAN Membership to configure VLAN 1004 on port LAN 4 (using simultaneous-2-vlan-editing).

Port Management -> VLAN Membership to delete VLAN 1

Setup -> Network -> Multiple Subnet Table change the auto assigned subnet from 192.168.4.1/24 to 192.168.14.1/24

###########################

Naresh - others might find it very helpful to find an article in your Knowledge Base for Small Business Routers, along the lines of: "How to replace the Default untagged VLAN 1 with a new untagged VLAN, on a port."

And include the less-than-obvious (to me) method of simultaneous-2-vlan-editing.

Thanks.....pete

supersupport · ‎07-23-2013

I couldn't see a way to select that this question is answered. If you can do it, that would be marvellous.

reyn1833@charter.net · ‎09-27-2018

Am I missing something. I have gone so far as to delete all the vlans except Vlan 1 I get the same error. I tried going into ssh and you are not allow to change the lans from the command. "interface vlan modify 1 LAN01" Excluded is not valid. is there some thing I'm missing. I upgraded to the newest firmware. I need to shut all ports except LANS4 to exclude.

RV32X> interface vlan show 1
VLAN Global Enable

interface vlan 1
ip address: 192.168.1.200 255.255.255.0
dhcp mode: Server
client lease time: 1440 min
pool: 192.168.1.100~192.168.1.149
dns mode: DNS Proxy
wins: 0.0.0.0

Description: Default
Inter VLAN Routing: Disable
Device Management: Enable
LAN01:untagged LAN02:untagged LAN03:untagged LAN04:untagged

RV32X> interface vlan modify 1 LANS1 Excluded
interface vlan modify setting format error, please follow the help example to type your command

almercado1101 · ‎10-03-2019

I am not really sure I understand what you are trying to achieve, but here are a couple of tips.

1st - Vlan 1 - is considered the untagged vlan which in turn is considered the native vlan. Also this vlan is usually the one that is handling the internet traffic. I may be mistaken about this depending on your setup. This vlan must remain untagged in all ports as it participates in all ports. Note: you can only have 1 untagged vlan per port. You exclude the vlans you do not want participating in a port.

2nd - You need to activate inter vlan routing if you want the other vlans to be able to reach the internet. So activate it, you can test this by pinging from 1 vlan to another. This is the process of setting up a router on a stick. Most people don't like to share this information.

3rd - You need to set the SVI's on the DHCP configuration. You must do this part in order to identify the vlan subnet. The router does not magically know which vlan is related to which subnet. You have to set this part for it to work. The IP you set here is the IP that the subnet will be using as the default gateway. This IP is the one that will be performing the routing for you. In most cases you would configure 192.168.xx.1 as the IP, then on the DHCP configuration, you would set that as the default gateway.

4th - Make sure that you have the latest firmware for this unit, it helps with vlan setups. Also remember that there is a limitation on each router, the 320 can only handle 4 vlans. If you need more vlans you need a 325, which can handle 25 vlans.

5th - You have to tag the lan interface that needs to communicate with a particular vlan. This is key, you either trunk multiple vlans or you access a single vlan. This is configured on the side of switch or device that is connected to the lan port on the router. NOTE: you can tag multiple vlans to a single lan interface, but you will need to trunk the port on the side of the switch to get that communication across to all vlans. If you wish to just tag 1 vlan then you must set the port to access on the side of the switch.

Now questions: Do you have a switch connected to each lan interface that will be communicating to each vlan? Remember that inter-vlan routing plays a big roll it helps in communicating to the internet. If you choose not to use Inter-vlan routing then you will need to setup natting. If you choose to do it that way you will need further research and may need Cisco's help on how to get that done in this router.

Albert.- CCNPx2