Setting up a first VLAN

I have a simple non-VLAN'ed network. I'd like to create a VLAN to carry guest traffic only. Do I need to create 2 VLAN's? one for the guest network and one for the corporate network? Or do I just create a VLAN for the guest network and leave the corporate network "untagged"? All my switches are managed and we have a SonicWall router so everything is VLAN capable but it's never been setup.

I know I will need to create trunk ports between the switches and access ports for everything else. Am I on the right track?

Thanks
Kent
LVL 1
fkoyerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MiftaulCommented:
By default all switch port are part of vlan1 in a managed switch. It's good to create two vlans, one for data and another for guest.

On the SonicWall, create a new virtual interface and tag that to your guest vlan.

You can them control the communication between vlans using firewall access rules if that's required.

You are right that between the switches, the connectivity has to be trunk. Also it's trunk port, that is connecting to SonicWall interface.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
fkoyerAuthor Commented:
So you recommend creating two new VLANS and not using vlan1?

The guest traffic will only need to go through 2 switches to get to the router. But I have about 5 other switches. Do I need to setup the VLAN on all the switches or just the 2 that carry the guest traffic?

Thanks!
0
MiftaulCommented:
yes, that is best practice.

No, you dont need to create the guest vlan on all the switches. Just make sure the guest vlan is present on the switch where guests are conecting and to the switches that guest vlan will pass to reach to the sonicwall.
0
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

fkoyerAuthor Commented:
Excellent. I would still need to configure the corporate VLAN on all the switches, correct?
0
MiftaulCommented:
yes. That is correct.
0
fkoyerAuthor Commented:
Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Architecture

From novice to tech pro — start learning today.