Advice needed on configuring a router and VLANs

This is more about VLANs than the router, but I include the model information for completeness' sake. It is a WRVS4400N Linksys VPN Security Router - it has a wireless antenna and 4 physical ports, and supports VLANs.

The router allows for the creation of VLANs. My aim is to create VLAN 1 using two physical ports and the wireless antenna, while having the other two physical ports turned over to VLAN 2.

The router should provide DHCP for VLAN 1. There is a DHCP server on VLAN 2 so the router will not need to provide DHCP. This I have configured and believe to be correctly working.

VLAN 2 will be little more than a gateway between a server and modem on the other side of the router from the server e.g. Modem > Router > Server > Server's LAN.

To the nitty-gritty - there is a JPG attached of the possible configurations for the ports from the router. For argument's sake, I'd like Ports 3, 4 and wireless in VLAN 1, with 1 & 2 in VLAN 2.

No DHCP traffic from VLAN 1 should enter VLAN 2.
VLAN 2 should be able to access NTFS shares on VLAN 1.
VLAN 1 should not be able to access VLAN 2.
There will be VPN traffic on VLAN 2, but not VLAN 1.

I'm not familiar with how to assign ports for VLANs, so would appreciate an explanation of what Trunk, General and Access mean and what the router means where it specifies "acceptable ingress type". I vaguely understand tagging frames from the OSI model, but if there is some special significance for VLANs, please explain that also. Finally, although I could probably figure out from that point how to configure it, a quick definition of how I should configure my ports would be really helpful.

Thanks for reading this question!
1 Solution

IEEE 802.1Q explains VLANs.

A trunk port is a port that carries data from multiple VLANs. For example, if you needed more than 4 ports in the future and wanted to add a switch that supports VLANs, with some ports on the new switch on VLAN 1 and VLAN 2, then you would plug the new switch into a trunk port to access both VLANs.

An access port is a port that is on a single VLAN; that is what you want to choose for your ports. When configuring your ports as access ports you shouldn't be able to choose tagged vs untagged. In a sense, untagged ports are access ports and tagged ports are trunk ports (the tags designate which VLAN the traffic is for on a trunk port).

Just set all of your ports up as access ports, since you are trying to make each port physically part of a single VLAN.
AdoBeebo (Author) commented:
I set all of the ports to access, divided across 2 VLANs, but hit a problem when some wireless DHCP clients didn't receive an IP address. I've removed the VLANs for now, and will revisit the configuration in a few days, then post back.

AdoBeebo (Author) commented:
Cheers, good clear description
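
The access/trunk distinction from the answer above, as an added example that is not part of the original thread and not the router's own logic: a small Python model of 802.1Q tagging and per-port VLAN membership. The port names, the three-port layout, the sample frame, and the rule that the modelled access ports drop tagged frames are assumptions made for illustration.

```python
import struct
TPID = 0x8100  # EtherType value that marks an 802.1Q tag

def add_tag(frame, vid, pcp=0):
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vid  # PCP (3 bits) | DEI (1 bit, left 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID, tci) + frame[12:]

def split_tag(frame):
    """Return (vid, frame without tag); vid is None for an untagged frame."""
    if len(frame) >= 16 and frame[12:14] == struct.pack("!H", TPID):
        (tci,) = struct.unpack("!H", frame[14:16])
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame

class Port:
    def __init__(self, name, mode, pvid, allowed=()):
        self.name, self.mode, self.pvid = name, mode, pvid
        self.vlans = {pvid} if mode == "access" else set(allowed)  # access: one VLAN

    def ingress(self, frame):
        """Classify a received frame: (vid, untagged frame), or None if dropped."""
        vid, inner = split_tag(frame)
        if vid is None:
            vid = self.pvid          # untagged traffic joins the port's own VLAN
        elif self.mode == "access":
            return None              # assumption: access ports refuse tagged frames
        return (vid, inner) if vid in self.vlans else None

    def egress(self, vid, inner):
        if vid not in self.vlans:
            return None              # port is not a member of that VLAN
        # Simplification: the trunk tags every VLAN, including its PVID.
        return inner if self.mode == "access" else add_tag(inner, vid)

def forward(ports, in_port, frame):
    """Flood a frame to the other ports of its VLAN: {port name: wire bytes}."""
    hit = in_port.ingress(frame)
    if hit is None:
        return {}
    out = {p.name: p.egress(*hit) for p in ports if p is not in_port}
    return {name: wire for name, wire in out.items() if wire is not None}

# Constructed sample: a broadcast frame and a hypothetical three-port layout.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
PORTS = [Port("p1", "access", pvid=2), Port("p3", "access", pvid=1),
         Port("uplink", "trunk", pvid=1, allowed={1, 2})]
```

The model covers layer 2 only: frames never cross between VLAN 1 and VLAN 2 on the switch itself, so any access from VLAN 2 to shares on VLAN 1 would have to be routed between the VLANs.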
