Solved

SG300 VLAN Configuration

Posted on 2016-10-18
10
23 Views
Last Modified: 2016-11-23
I have a home network and I'm planning to install IP cameras and a Synology Surveillance station.  I created a VLAN to isolate the traffic from the IP cameras from the rest of my network. The SG-300 is configured for L3. Here’s my setup:

 Network Configuration
 The Static routing table in the SG-300 shows:

0.0.0.0            0      Default    192.168.1.1   Default                              2    1   VLAN1
192.168.1.0  24     Local                                  Directly Connected                  VLAN1
192.168.2.0 24      Local                                  Directly Connected                  VLAN2  

On the SG300, port 10 is configured for VLAN1, untagged, trunk. Port 1 and 2 are configured for VLAN2, untagged, access.

The traffic on VLAN2 appears to be isolated from VLAN1 and I can SSH into the Synology Surveillance box. I can ping the Synology box from the 192.168.1.0/24 subnet, however, if I SSH into the Synology box, I can’t ping out to the internet.

Any help would be appreciated.

Thanks,
Alan
0
Comment
Question by:alanandcorin
  • 5
  • 3
  • 2
10 Comments
 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41849436
Check the NAT settings on the Netgear  router.  Is it NATing for 192.168.2.0 network.
0
 

Author Comment

by:alanandcorin
ID: 41850505
Nitenkumar, how could I check to know if it's NATing for the 192.168.2.0 network?  I can run linux commands from the Synology box on 192.168.2.4.  

Are the home Netgear routers capable or NATing to two networks? Is this possible with the standard firmware? Do I need to upgrade to DD-WRT or even another type of WiFi router?

Thanks for your help.
Alan
0
 

Author Comment

by:alanandcorin
ID: 41850853
Shouldn't it be possible for the SG300 to correctly route from VLAN2 to the internet with ACL rules?

Thanks,
Alan
0
 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41850998
Are you a able to login to the console of the Netgear router?
0
 

Author Comment

by:alanandcorin
ID: 41851123
Sorry, there's no SSH nor Telenet access to the stock netgear firmware.
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41851165
How about web access?
0
 

Author Comment

by:alanandcorin
ID: 41851227
The router has remote management access, but all you'll get is the same GUI screens that I have access to.
0
 

Author Comment

by:alanandcorin
ID: 41851425
I updated my router to DD-WRT, so I can SSH and run commands from the console. What do you suggest?
0
 
LVL 20

Accepted Solution

by:
masnrock earned 500 total points (awarded by participants)
ID: 41852887
You should even be able to use the web interface of DD-WRT. Basically, you want to have 2 VLANs, each tied to whichever ports you'd like them set up to. That will allow you to have 2 physical connections to the switch, where you can configure the appropriate VLANs. The port that goes to the living room will obviously be configured to VLAN2, along with whichever ports will be going to the cameras.
0
 
LVL 20

Expert Comment

by:masnrock
ID: 41898861
Question answered
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Let’s list some of the technologies that enable smooth teleworking. 
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now