Setting up a VLAN with inter-VLAN routing

Posted on 2009-02-16
Medium Priority
Last Modified: 2012-05-06
I am looking at setting up 2 VLANs on our office network that can inter-communicate with each other over UDP/IP and also communicate with the main office LAN.

Currently we only have a Netgear FS526T smart switch with basic VLAN capability, and a Sonicwall Pro 2040 as the gateway.

Firstly, can the current hardware be configured to do this? If I set up the VLANs on the Netgear FS526T and tag each port, can the Sonicwall Pro 2040 be configured to do the routing between the VLANs? Or will I need an L3 switch?

Question by:wint100

Expert Comment

ID: 23648278
I suppose your current hardware can handle the task.
As for tagging all ports: be careful here.
Basically, all user ports should belong to a single VLAN only, but the firewall should be connected to the switch with a tagged port and should do inter-VLAN routing/filtering.

Author Comment

ID: 23648332
So how would the VLAN be routed to each other if they aren't tagged?

I was thinking that all VLANs will be tagged, and the firewall would then route between VLANs?

Can you give me a bit more detail please. I'm new to VLANs.


Expert Comment

ID: 23648499
A VLAN tag is a packet marker, used when a port is assigned to multiple VLANs.
So when a port is a member of a single VLAN, the PC is unaware of VLANs at all.

When a port should belong to several VLANs, tagging is used to mark each packet with the corresponding VLAN.

As for inter-VLAN communication:
when you configure, let's say, two VLANs on a switch (ports 1-10 in VLAN 10, and ports 11-20 in VLAN 20), then PCs within different VLANs will be unable to see each other.
So if you want to allow communication between VLANs you will need a router with two NICs (or one with multiple VLANs on it).
And each VLAN should also have its own subnet.

Author Comment

ID: 23648664
So would I be better off with a L3 Switch?

Accepted Solution

from_exp earned 2000 total points
ID: 23648768
An L3 switch can do the job also; however, it is not as sophisticated in filtering as a firewall.
So the firewall can handle the job also.
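
An added illustration of the points made in the thread (not part of the original posts, and not Netgear or SonicWall configuration): a Python model of how a device on a tagged port reads the 802.1Q VLAN ID from a frame and decides whether to route it into another VLAN. The subnets, the UDP-only policy and all function names are assumptions made for this example.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100          # EtherType value that marks an 802.1Q tag
UDP, TCP = 17, 6             # IP protocol numbers

# Assumed layout (constructed): one subnet per VLAN, as the thread advises.
VLAN_SUBNETS = {10: ipaddress.ip_network("192.168.10.0/24"),
                20: ipaddress.ip_network("192.168.20.0/24")}
# Assumed policy (constructed): only UDP may cross between VLAN 10 and VLAN 20.
ALLOWED = {(10, 20, UDP), (20, 10, UDP)}

def tag_frame(dst_mac, src_mac, vlan_id, ethertype, payload):
    """Build an Ethernet frame carrying an 802.1Q tag (priority bits left at 0)."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    return dst_mac + src_mac + struct.pack("!HHH", TPID_8021Q, vlan_id, ethertype) + payload

def parse_vlan(frame):
    """Return (vlan_id or None, ethertype, payload); None means the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, inner, frame[18:]    # low 12 bits of the TCI are the VLAN ID

def route(frame):
    """Decision for a frame arriving on the tagged port: egress VLAN ID, or None to drop."""
    vlan, ethertype, ip = parse_vlan(frame)
    if vlan not in VLAN_SUBNETS or ethertype != 0x0800 or len(ip) < 20:
        return None                           # untagged, unknown VLAN, or not IPv4
    proto = ip[9]
    src, dst = ipaddress.ip_address(ip[12:16]), ipaddress.ip_address(ip[16:20])
    if src not in VLAN_SUBNETS[vlan]:
        return None                           # source address is outside the tagged VLAN's subnet
    out = next((v for v, net in VLAN_SUBNETS.items() if dst in net), None)
    if out is None or out == vlan or (vlan, out, proto) not in ALLOWED:
        return None                           # no route, same VLAN, or blocked by policy
    return out

def ipv4_header(src, dst, proto):
    """Constructed minimal IPv4 header (checksum left at 0) for sample frames."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
```

A frame built with `tag_frame(..., 10, 0x0800, ipv4_header("192.168.10.5", "192.168.20.7", UDP))` is routed to VLAN 20, while the same frame carrying TCP, or carrying a source address outside its VLAN's subnet, is dropped.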
