cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7405
Views
0
Helpful
6
Replies

VLAN configuration on RV325 firewall

DavidCUN735
Level 1
Level 1

Hello,

I've replaced my old firewall by a RV325 and I'm trying to set up my network configuration on this new firewall.
My network is composed of 2 internet access, one server which was in a DMZ, and many devices in the LAN, all connected to two switchs.

I'm encounter some issues when setting up my network configuration, especially with VLAN ; I'm trying to set up the following structure :
- VLAN1  (192.168.10.0/24): the main VLAN, where are connected most of my devices.
- VLAN2 for some devices on my LAN (192.168.20.0/24): Some others VLAN can acces to this VLAN and will also available from VPN.
- define a VLAN3 for the remote acces endpoints (192.168.30.0/24) : to be able to define some specific acces rules for wireless devices
- use a VLAN to reproduce the DMZ for my server (VLAN4, 192.168.40.0/24). Some devices on LAN can connect to this server and internet can acces too.

I'm quite a bit confusing while setting up the VLAN configuration on the RV325 interface (port management > VLAN membership) I've set up :

- VLAN1 :
    - each LAN interface is marked as untagged, and I cannot change it.
- VLAN2 and VLAN3 :
    - the link between switch and RV325 is marked as tagged. If I understand VLAN correctly, it should be marked as unttagged, but if I try to change this value, an error message is displayed which notify me that only one VLAN port can be marked as untagged.
- VLAN4 :
    - the link between server and the connected interface on the RV325 is marked as tagged.

- Inter VLAN routing and Device management is enabled for each of the defined VLAN.

And nothing work.
Can you help me to acheive this configuration?

Kind regards

6 Replies 6

mpyhala
Level 7
Level 7

DavidCUN735,

 

It sounds like you are trying to edit one VLAN ID at a time. The trick is to edit all of them at once, that way you can select at least one Untagged VLAN per port.

 

- Marty

Hello Marty,

 

First, thanks for your feedback.

The problem I have is I'm unable to edit the first one VLAN so I cannot check all them in one time: checked for this VLAN number 1 is grey.

 

For now, I've set my VLAN1 to the default VLAN (with id 1). Do I need to build another "default" VLAN ?

Does the VLAN with id 1 Is it the "trunk" VLAN ?

 

Kind regards

 

David

 

Hello,

 

Please do not take care of my previous answer: I can effectively customise all VLAN configuration including the first one.

So I've set up the following configuration:

 

I've set up the following configuration:

vlan configuration defined

 

For now,  the wifi acces and VPN VLAN works fine (they are both connected directly to rv325, wifi on part LAN2 and VPN on port LAN5).

But I'm encoutering configuration and acces problems for all devices connected on the vlan 1: If I'm connecting to LAN7 directly without any other VLAN1 devices linked directly or not to the router, I fetch the expected IP and earn Internet acces. Same thing if I'm connected directly on LAN1.

If i try to connect to the LAN1 behind the two switchs (netgear GS018P), I'm not retrieving an IP from DHCP server.

I'm not able to identify if this is a switch issue, or just a configuration problem in my VLAN.

Do you see something wrong in my configuration?

Kind regards

DavidCUN735,

 

From what I know the Netgear switches are unmanaged. If you plug the switch to any port on the router, it should pass traffic in the untagged VLAN. Can you pass traffic through the switches between two PCs with static IP addresses?

 

- Marty

Marty,
Please accept my apologies for the delay of my answer.
It seems this is a issue with one of the switch: when I use another switch, everything is fine.

 

Kind regards

David

 

I partly have the same issue - my ISP requires me to tag a specific VLAN on the WAN side. I can't find the place to tag this... ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: