network switch vlan setup

T

terry274

Joined
Oct 16, 2010
Messages
463
Location
TN
I have a Ruckus R610 access point connected to a Netgear managed switch. The switch connects to an OPNsense firewall. The switch has no vlans set. I have two vlans set on the AP, IoT and 5G. This works, the 5G connects to 192.168.6.1 and IoT connects to 192.168.11.1.

I want to have ethernet vlans. I can do this with the switch. However, the switch is the POE supply for the AP. And when I configure the vlans on the switch the AP vlans no longer work. Only the default (1) lan connects from the AP to the firewall. I believe the switch is dropping the vlan tag from vlan 2.

My question: is it possible to have the access point configured for vlans and routed through a switch configured for addition vlans? Or do I need a separate switch for my ethernet vlans. It seems like it should work with one switch, but I tried for hours and didn’t get it.

The switch is a Netgear GS305EP POE managed switch.
@OVERKILL
Screenshot_20240704_080521.webp
 
Yes, the port that the AP is connected to will need to be trunked with every VLAN available as wireless networks tagged on that port along with the management VLAN tagged as the primary/default tag.

Then mark your additional switch ports with whatever VLANs you’d like to assign.

Reading through the docs, you'll probably want to use the later two options as the first two sound like they only create VLANs but don't allow you to excplitly define the VLAN ID.
 
Last edited:
Page 33 of the manual says you need to go through the advanced setup to trunk multiple vlans on one port.
 
terry274 said:
I have a Ruckus R610 access point connected to a Netgear managed switch. The switch connects to an OPNsense firewall. The switch has no vlans set. I have two vlans set on the AP, IoT and 5G. This works, the 5G connects to 192.168.6.1 and IoT connects to 192.168.11.1.

I want to have ethernet vlans. I can do this with the switch. However, the switch is the POE supply for the AP. And when I configure the vlans on the switch the AP vlans no longer work. Only the default (1) lan connects from the AP to the firewall. I believe the switch is dropping the vlan tag from vlan 2.

My question: is it possible to have the access point configured for vlans and routed through a switch configured for addition vlans? Or do I need a separate switch for my ethernet vlans. It seems like it should work with one switch, but I tried for hours and didn’t get it.

The switch is a Netgear GS305EP POE managed switch.
@OVERKILL
View attachment 228499
Click to expand...
Hey Terry, so just to confirm: You have the AP connected to the switch with "no configuration" (which is likely trunking all ports) at present, and when you go to create a configuration, VLAN traffic appears to be getting dropped?

I'm not familiar with that switch, but the basic setup you need is:

Firewall: Trunk port (all VLAN's, untagged is your native VLAN, probably VLAN 1) -> Switch trunk port
Switch: Uplink trunk port (all VLAN's)
Switch: AP trunk port (pruned for whatever VLAN's you want on the AP)

It looks like you need to select the "Advanced 802.1Q VLAN" button there in your screenshot.

Your other switch ports will be access ports, you can put them on whatever VLAN you want.
 
OVERKILL said:
Hey Terry, so just to confirm: You have the AP connected to the switch with "no configuration" (which is likely trunking all ports) at present, and when you go to create a configuration, VLAN traffic appears to be getting dropped?
Click to expand...
Yes, vlan 2 gets dropped. Default port 1 passes. This is when I try to create vlans on the switch. With the switch set to no vlan the AP vlans traverse correctly to the firewall.
OVERKILL said:
I'm not familiar with that switch, but the basic setup you need is:

Firewall: Trunk port (all VLAN's, untagged is your native VLAN, probably VLAN 1) -> Switch trunk port
Switch: Uplink trunk port (all VLAN's)
Switch: AP trunk port (pruned for whatever VLAN's you want on the AP)

It looks like you need to select the "Advanced 802.1Q VLAN" button there in your screenshot.
Click to expand...
My choices are: tagged, untagged, excluded. I can select PVID per port. Port Vlan ID.
OVERKILL said:
Your other switch ports will be access ports, you can put them on whatever VLAN you want.
Click to expand...
I just got back from traveling and will work on it this weekend.
Thank you to all who replied.
 
This is frustrating. I don't thing it is going to work. No matter what, I can't get vlan 2 through the switch when the switch has vlan activated. Picture of the setup:

Ethernet connected but no internet connection:
Screenshot_20240705_141335.webp


PVID table:

Screenshot_20240705_135748.webp


IoT vlan:

Screenshot_20240705_065626.webp


Default vlan:

Screenshot_20240705_140117.webp


I think I need another switch connected to the firewall to get the separate vlan on the ethernet.
 
OK, I got it. Sort of. I made ports 2,3 and 4 vlan 2 and ports 1 and 5 default, 1. Port 1 is the OPNsense and port 5 is the AP. 2,3 and 4 connect to the firewall on a separate ethernet port and are in the 192.168.7.1/24 subnet. Not exactly how I wanted it, but it does work to have my security cams on their on network.
 
terry274 said:
OK, I got it. Sort of. I made ports 2,3 and 4 vlan 2 and ports 1 and 5 default, 1. Port 1 is the OPNsense and port 5 is the AP. 2,3 and 4 connect to the firewall on a separate ethernet port and are in the 192.168.7.1/24 subnet. Not exactly how I wanted it, but it does work to have my security cams on their on network.
Click to expand...
Was going to ask you for a picture of the VLAN 2 config, similar to how you provided your VLAN 1 config in the last picture there, lol.
 
You must log in or register to reply here.

Similar threads

Donald
Unifi managed network switch
2
Replies
30
Views
632
Donald
JHZR2
What is Ubiquiti doing to my work computer connection?
2
Replies
22
Views
706
JHZR2
T
Ruckus r610
Replies
3
Views
937
terry274
R
New home build network/Wi-Fi infrastructure
2
Replies
22
Views
4K
meep
dogememe
Very Pleased with Aruba Instant On Home Network/WiFi
Replies
12
Views
3K
dogememe
Back
Top Bottom