
VLAN Use on Home UTM

Greetings Folks,

  I recently delved into adding two layer-2 switches to my home network, getting rid of my unmanaged units.  I am trying to set up separate VLANs for private vs guest networks.

  Can the UTM handle multiple VLANs on one physical NIC?

  I modified my Internal interface to be of type "Ethernet VLAN" and set the VLAN to 1 for initial setup.  I then added two additional interfaces on that same NIC of type "Ethernet VLAN".  I set up Private on VLAN 10 and Public on VLAN 20.  192.168.10.1/24 and 192.168.20.1/24 respectively.

  In essence all on eth0, I have:

VLAN 1  -  192.168.254.1/24

VLAN 10  -  192.168.10.1/24

VLAN 20  -  192.168.20.1/24

  My layer-2 switch is connected to the UTM on port 1, and set as a trunk port allowing VLAN 1,10,20 to it.

  When I add ports to VLAN 10 or 20, I am getting a fair amount of packet loss when pinging those Interfaces from machines plugged into these tagged ports.  I have tried to set the PVID of the switchport to the matching VLAN and that isn't helping the problem either.

  So in addition to the initial question above, I'm trying to diagnose if this is a misconfiguration of my switch, or if I am setting up the UTM incorrectly.

  Any thoughts or comments would be greatly appreciated! :)



  • “I modified my Internal interface to be of type "Ethernet VLAN"” I did not do that; I left the physical interface at “Ethernet” and added two virtual interfaces as "Ethernet VLAN" and then had my smart switch untagged on VLAN1 and tagged on 20 and 30. This or Ian’s suggestion should fix your problem. Q. Did you set up any manual routing for these new VLANs?

  • This is the same setup I have. I have 2 NICs (LAN, WAN), and I have 3 interfaces on the LAN side: (1) regular Ethernet for standard home network, (2) VLAN for guest, (3) VLAN for security system. The issue that I seldom run into is that, for some reason, when a DHCP request is received from a device on a VLAN interface, the request is received not only by the DHCP server on the VLAN, but also by the DHCP server on the Ethernet interface. As a result, occasionally the DHCP address given out will be within the Ethernet interface address pool, which of course doesn't work. Do you run into the same issue?

    The DHCP server is on Sophos UTM and I use Cisco SG200-26 switch.

    Other than the issue above, if the correct address is served, everything works as expected.

    Thanks!
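
One way to check for the symptom described in the last reply (a client on a VLAN being offered an address from another interface's pool), as an added example that is not part of the thread: it takes raw Ethernet frames captured on the trunk link, reads the 802.1Q VLAN ID and the address offered in a DHCP reply, and compares them with the original poster's VLAN plan. The function names and sample frames are constructed for illustration, and untagged frames are assumed to belong to VLAN 1.

```python
import ipaddress
import struct

# VLAN-to-subnet plan taken from the original post (eth0 on the UTM).
PLAN = {
    1: ipaddress.ip_network("192.168.254.0/24"),
    10: ipaddress.ip_network("192.168.10.0/24"),
    20: ipaddress.ip_network("192.168.20.0/24"),
}

def check_dhcp_reply(frame: bytes, native_vlan: int = 1):
    """Return (vlan, offered_ip, ok) for a complete DHCP reply frame, else None."""
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    offset, vlan = 14, native_vlan          # assumption: untagged = native VLAN
    if ethertype == 0x8100:                 # 802.1Q tag present
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan, offset = tci & 0x0FFF, 18     # low 12 bits of the TCI are the VLAN ID
    if ethertype != 0x0800:                 # not IPv4
        return None
    ihl = (frame[offset] & 0x0F) * 4        # IPv4 header length in bytes
    if frame[offset + 9] != 17:             # not UDP
        return None
    udp = offset + ihl
    sport, dport = struct.unpack_from("!HH", frame, udp)
    bootp = udp + 8
    if (sport, dport) != (67, 68) or frame[bootp] != 2:   # server-to-client BOOTREPLY only
        return None
    offered = ipaddress.ip_address(frame[bootp + 16:bootp + 20])  # yiaddr field
    subnet = PLAN.get(vlan)
    return vlan, str(offered), subnet is not None and offered in subnet

def build_reply(vlan, yiaddr):
    """Constructed sample frame: minimal DHCP reply, tagged unless vlan is None.
    Checksums and MAC/IP source fields are left zero; only the layout matters here."""
    bootp = bytes([2, 1, 6, 0]) + bytes(12) + ipaddress.ip_address(yiaddr).packed + bytes(216)
    udp = struct.pack("!HHHH", 67, 68, 8 + len(bootp), 0) + bootp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes(4), bytes([255] * 4)) + udp
    tag = b"" if vlan is None else struct.pack("!HH", 0x8100, vlan)
    return bytes([255] * 6) + bytes(6) + tag + struct.pack("!H", 0x0800) + ip

if __name__ == "__main__":
    for vlan, ip in [(20, "192.168.20.57"), (20, "192.168.254.101"), (None, "192.168.254.50")]:
        print(check_dhcp_reply(build_reply(vlan, ip)))
```

A result with `ok` set to `False` on VLAN 10 or 20 means the reply carried an address from a different pool than the VLAN it travelled on, which points at the switch port or interface tagging rather than at the client.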