big_daddy_pimp
asked on
Multiple VLAN setup How to
Hi Guys,
I Have a Newtork with 3 Different Companies working in it, I want to isolate all of them from seeing each other for security and privacy reasons.
I have a Dlink DGS-1210-24 Smart Switch.. How Do I setup the Vlans to do this.. I have been playing for Hours know and Cant get it to work..
VID 1 Default Network Untagged Vlan Ports 1-24 Ip 192.168.33.0/24
VID 2 Tagged VLAN Port 1-2 IP 10.0.0.0/24
VID 3 Tagged ports 3-4 IP ip 192.168.100.0/24
I plug my machine into Port 1 and still get 192.168.33.X address ??????
I have Defined My Vlans at the Router for VLAN 2,3 my router also has the Functionality of DHCP on the VLAN interfaces which I have setu , cant get it to work..
What ele do I need to do to get this to work..
what am i doing wrong..??
thanks in Advance
Big_Daddy
I Have a Newtork with 3 Different Companies working in it, I want to isolate all of them from seeing each other for security and privacy reasons.
I have a Dlink DGS-1210-24 Smart Switch.. How Do I setup the Vlans to do this.. I have been playing for Hours know and Cant get it to work..
VID 1 Default Network Untagged Vlan Ports 1-24 Ip 192.168.33.0/24
VID 2 Tagged VLAN Port 1-2 IP 10.0.0.0/24
VID 3 Tagged ports 3-4 IP ip 192.168.100.0/24
I plug my machine into Port 1 and still get 192.168.33.X address ??????
I have Defined My Vlans at the Router for VLAN 2,3 my router also has the Functionality of DHCP on the VLAN interfaces which I have setu , cant get it to work..
What ele do I need to do to get this to work..
what am i doing wrong..??
thanks in Advance
Big_Daddy
sweetfa2
Change your VID1 to ports 5-24
Can you post the config from the router and the config (or screenshot if its a GUI) of the Dlink switch.
My best guess right now is either the connection between the router and switch isn't trunked or the devices are using different VTP protocols.
My best guess right now is either the connection between the router and switch isn't trunked or the devices are using different VTP protocols.
ASKER
I haven't setup any Trunking, how do I go about that..
Big_Daddy
ASKER
I changed VID1 to 5-24 and know i cant communicate with anything, I moved the ports 1-4 in vid 1 to untagged.. is this correct
Big_Daddy
Let's make it simple: Tagged VLANs are for connections between switches/servers with VLAN support. Untagged is for the clients. A port can have many tagged VLANs, but only one untagged.
If this is the only switch on the network, you set all ports untagged. If there is a server on the network everyone should have access to, you put all the VLANs tagged on that port, and set up VLANs on the server.
If you got more switches, you might have to setup VLANs on them too.
The uplink to the router should also have all the VLANs tagged.
If this is the only switch on the network, you set all ports untagged. If there is a server on the network everyone should have access to, you put all the VLANs tagged on that port, and set up VLANs on the server.
If you got more switches, you might have to setup VLANs on them too.
The uplink to the router should also have all the VLANs tagged.
The issue is that you have all three VIDs going to the same ports. Is this a layer 2/3 switch, or just layer 2?
Do you want the VLANs to talk to each other or are you trying to keep them seperate?
You may also need to introduce a router to get things working...
Try VID 1 -> Port 1-4; VID 2 -> Port 5-12; & VID 3 -> Port 13-24
Do you want the VLANs to talk to each other or are you trying to keep them seperate?
You may also need to introduce a router to get things working...
Try VID 1 -> Port 1-4; VID 2 -> Port 5-12; & VID 3 -> Port 13-24
ASKER
I want 2 of the to talk to each other and the other to be isolated..
My router (Netbox) has the VLAN functionality I have setup the VLANs on the router and tagging them.
This is my first attemp at VLANS, otherwise I would have setup a extra couple of NICS in my router and seperated them like that.
I am getting confused, in my original post I mentioned what I was trying to do, is this possible or am I trying to use the VLAN for something it is not designed for..
I have attached an Image of the VLAN config page on my switch..
Big_daddy
Dlink-vlan.jpg
As I said, VLANs should only be tagged if the port goes to another managed switch, uplink to the router, or to a server that can handle tagged VLANs.
If there are clients on ports 1-4, they should be UNTAGGED.
If VLANs should have the possibility to talk to each other, you must configure that in the router.
If there are clients on ports 1-4, they should be UNTAGGED.
If VLANs should have the possibility to talk to each other, you must configure that in the router.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Lhole,
That seems to make sense, I will be in the office tommorow again , I will try making the changes then, I will let you know how i go..
Thanks for your help..
Big_Daddy
That seems to make sense, I will be in the office tommorow again , I will try making the changes then, I will let you know how i go..
Thanks for your help..
Big_Daddy
ASKER
Thanks Lhole that works now!!
thanks for your help
Big_Daddy
thanks for your help
Big_Daddy
ASKER
Thanks