Setting up a first VLAN

I have a simple non-VLAN'ed network. I'd like to create a VLAN to carry guest traffic only. Do I need to create 2 VLAN's? one for the guest network and one for the corporate network? Or do I just create a VLAN for the guest network and leave the corporate network "untagged"? All my switches are managed and we have a SonicWall router so everything is VLAN capable but it's never been setup.

I know I will need to create trunk ports between the switches and access ports for everything else. Am I on the right track?

Thanks
Kent
LVL 1
fkoyerAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
MiftaulConnect With a Mentor Commented:
By default all switch port are part of vlan1 in a managed switch. It's good to create two vlans, one for data and another for guest.

On the SonicWall, create a new virtual interface and tag that to your guest vlan.

You can them control the communication between vlans using firewall access rules if that's required.

You are right that between the switches, the connectivity has to be trunk. Also it's trunk port, that is connecting to SonicWall interface.
0
 
fkoyerAuthor Commented:
So you recommend creating two new VLANS and not using vlan1?

The guest traffic will only need to go through 2 switches to get to the router. But I have about 5 other switches. Do I need to setup the VLAN on all the switches or just the 2 that carry the guest traffic?

Thanks!
0
 
MiftaulCommented:
yes, that is best practice.

No, you dont need to create the guest vlan on all the switches. Just make sure the guest vlan is present on the switch where guests are conecting and to the switches that guest vlan will pass to reach to the sonicwall.
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
fkoyerAuthor Commented:
Excellent. I would still need to configure the corporate VLAN on all the switches, correct?
0
 
MiftaulCommented:
yes. That is correct.
0
 
fkoyerAuthor Commented:
Thanks!
0
All Courses

From novice to tech pro — start learning today.