cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3889
Views
0
Helpful
15
Replies

RVS4000 Private networking, setting up VLANs need help!

ahildershavn
Level 1
Level 1

Hello,

I live in a two family residential house and we share a common fibre connection to the internet. In the basement we have a modem/router(zyxel) which is in "bridge mode".  Therefore not acting as DHCP.

Behind this zyxel we have a Cisco RVS4000 router. Ports 1 and 2 go to family A, and Ports 3 and 4 go to family B.

Family A and B have separate routers which are both set to "access point mode". Family A has an ASUS RT-N66U router while family B has a dlink DIR-615. The asus has an "access point mode" while the dlink needs to be set up manually to achieve this. The dlink must also have a static IP adress. The asus can receive ip adress.

What I have unsuccessfully tried to achieve and am currently begging for help with is to separate the networks so that both families can access internett, but at the same time it must be impossible to access VLAN1(Family A) from VLAN2(Family B) vice versa. Meaning no communication between the two families through the local network.

I have tried different options but I am not sure how to deal with trunk, tagged, untagged etc. etc. etc. It seems every time I manage to create two different networks there is still accessability/communication between the two VLANs and everytime I manage to give out different IP adresses to different ports i.e. 192.168.10.xx and 192.168.2.xx it is still possible to communicate. What also usually happens is that the internetconnection is severed at the same time.

Could anyone be so kind as to help me out? Since I am quite unseasoned in networking I need a step-by-step guide stating every action I need to take. If possible also with illustrations.

Any help will be much appreciated.

2 Accepted Solutions

Accepted Solutions

Hi Andreas, you do not need to setup any trunks or tag any traffic for what you are trying to achieve.  Trunking and tagging would only be required if Family A (VLAN 1) or Family B (VLan 2) are configuring additional VLANs on thier Access points.  Lets say VLan1 is going to Family A and then Family A wants to setup VLan 3 and Vlan 4 on their AP, then you would need to setup the line going to Family A as trunk and tag all the traffic.  If Family A is only using VLan 1, then there is no need to setup the line as Trunk.

I would like to suggest that you setup all 4 ports of the router as "Untagged" and disable InterVLan Routing between Vlan1 & Vlan2.  This should accomplish what you are trying to do.

View solution in original post

Hello,

     It sounds like you have almost everything set up but the vlan tagging on the ports. You will need to have inter-vlan routing disable which it seems like you have already done (enabling this feature will allow vlans to talk to one another). You may need to take a screen shoot of how everything is set up under L2 switch. Make sure all the ports are set to untagged and set to access port, you will need to put VLAN 1 on ports 1 and 2 and VLAN 2 on ports 3 and 4. As long as all the ports are set to access ports and untagged you should be fine at this point.

If you are still having issues take some screen shoots so we can check and see how it is set up.

Edit: while looking at the admin guide I see they are not called access ports. Guess its been a while since I've checked out a RVS4000.

Hope that helps!

Thanks,

Clayton Sill

View solution in original post

15 Replies 15

ahildershavn
Level 1
Level 1

By the way, I have tried now to separate the networks. My computer is connected to port 1, and vlan 2 which is on giving out ip adresses 192.168.2.XX.  To connect to the router I must therefore enter 192.168.2.1. This works fine, but when I go to Status and Local Network, I see that my computer has been given an ip of 192.168.10.xx which has been designated for vlan 1 and ports 3 and 4.

Why does this happen?

Oh man I have done this many time. So it should like you are just needing to setup two vlans on the rvs4000. Right. And you don't want vlan1 to talk to vlan2 and vise versa?


Sent from Cisco Technical Support iPad App

Yes, that is correct, will you be able to guide me step by step?

Both vlans need access to the internett throught the rsv4000 wan port connected to the router/modem(in bridge mode).

Sure I can. What i will do take a few screenshots of this when I get home. Of how many computers are you expecting connecting to each vlan? The revs only has. 4 ports total.

Sent from Cisco Technical Support iPad App

The two routers in access point mode(asus and dlink) are (because of cell-phones, ipads, playstations, computers etc.) each connected to perhaps 10 units, but an ip range should allow for up to 20 units on each VLAN. The total number of units retrieving ip from the RVS4000 is never more than 20 in total I believe. 

Hi Andreas,

Make sure you have two different VLANs configured (example: VLan 1 & VLan 2).  Also confirm that Family 1 & Family 2 are setup on different VLans using two different IP subnets. For example:  Family 1 = 192.168.1.x /24 and family 2 = 192.168.2.x /24.

In RVS4000's settings, goto Setup > Advanced Routing.  At the bottom of the page, find the section called, Inter-VLAN-Routing and set it to Disable and save it.

This will isolate VLan 1 traffic from VLan 2 traffic while giving them access to the internet.  Hope this helps.

Shahid

Thank you Shahid Chaudhary I have tried this before without success, I think I must be doing something wrong with the trunk, untagget, tagged settings for the vlans?

Best regards,

Andreas

Hello,

create a new vlan

Assigned port 1&2 or 3&4 to this new differnet vlan ( untagged)

create a new dhcp scope for this new vlan

res

Paul

Please don't forget to rate this post if it has been helpful.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi Andreas, you do not need to setup any trunks or tag any traffic for what you are trying to achieve.  Trunking and tagging would only be required if Family A (VLAN 1) or Family B (VLan 2) are configuring additional VLANs on thier Access points.  Lets say VLan1 is going to Family A and then Family A wants to setup VLan 3 and Vlan 4 on their AP, then you would need to setup the line going to Family A as trunk and tag all the traffic.  If Family A is only using VLan 1, then there is no need to setup the line as Trunk.

I would like to suggest that you setup all 4 ports of the router as "Untagged" and disable InterVLan Routing between Vlan1 & Vlan2.  This should accomplish what you are trying to do.

Hello,

I have once again tried what you suggested. Problem is, my computer which is connected to vlan 2(gateway ip 192.168.2.1) is still getting ip from vlan1(gateway ip 192.168.10.1) even though I have deactivated and re-activated the network card. Same thing happens to my access point. It is getting the wrong ip adress, can there be a bug in the hardware of the cisco?

My version is:

Version:V2.0.2.7

Is it outdated?

The access point from dlink must have a static ip, and I thought that would also be nice for the asus to have, problem is that my computer connected through the asus(static ip 192.168.2.100) is still getting ip 192.168.10.xxx something.

Whats going on?

Do you want me to send you a few screenshot on this? I am trying to fine my Spair rvs but I do have one at home I can show you how it needs to be setup. And note, just because from vlan2 you can ping vlan1 default gateway that does not mean you can ping a client on at vlan.

Sent from Cisco Technical Support iPad App

Hello,

that would be nice.

I have one additional question.

My access point on vlan1 is still getting ip adress from vlan2, could this be because one of the computers are connectec by wireless to both my access point and my neighbours access point at the same time?

How could it else happen?

Hello,

     It sounds like you have almost everything set up but the vlan tagging on the ports. You will need to have inter-vlan routing disable which it seems like you have already done (enabling this feature will allow vlans to talk to one another). You may need to take a screen shoot of how everything is set up under L2 switch. Make sure all the ports are set to untagged and set to access port, you will need to put VLAN 1 on ports 1 and 2 and VLAN 2 on ports 3 and 4. As long as all the ports are set to access ports and untagged you should be fine at this point.

If you are still having issues take some screen shoots so we can check and see how it is set up.

Edit: while looking at the admin guide I see they are not called access ports. Guess its been a while since I've checked out a RVS4000.

Hope that helps!

Thanks,

Clayton Sill

Hello and thank you all. Everything seems to be working perfect now.

The two routers in access mode has been given a static ip, so that I always know the right adress for configuration.

The problem I noticed today, and the reason I didn't think this setup worked before was that I discovered that the computer I had used to do the setup and testing for some reason even with the right IP adress it got the wrong DNS server ip. That is why I didn't get any internetconnection from one of the vlans. I have now set DNS server static in the network settings on my computer.

Thank you all very much for all the help :-) It is much appreciated.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: