ZyXel GS19xx VLAN Configuration Help

MarkNet

Hello,

I'm trying to get some Virtual Lan Area Networks (VLAN) to work on my ZyXel GS1900-48 (V2.70) but I'm not having very much luck.

My router / firewall is an OPNSense box with one VLAN (15) that is configured correctly (currently there is an allow any-to-any rule for testing purposes with a Dynamic Host Configuration Protocol (DHCP) server enabled for the VLAN and Management interfaces). When plugged directly into the OPNSense box, I'm able to reach each the Management and VLAN Gateway's.

In this test situation, I have two cables connected; one running from my OPNSense box to the ZyXel Switch on Port 1 and my endpoint on Port 4.

If I leave every port under the VLAN ID 1 as 'Untagged' in VLAN > VLAN > VLAN Port, I'm able to grab a 192.168.1.x address from the DHCP server (i.e. OPNSense box).

When I move the VLAN ID 1 ports over to 'Tagged' and then VLAN ID 15 ports to 'Excluded' except for Port 1 as 'Tagged' and Port 4 as 'Untagged' I get an Automatic Private IP Address (APIPA).

Under VLAN > VLAN > Port, I have Port 4's PVID set to 15 and Port 1 is enabled for VLAN Trunking.

Not really sure where I'm going wrong, any help is very much appreciated; screenshots of my configuration is below. If I can provide any more information, please let me know.

VLAN Configs:


VLAN ID 1:


VLAN ID 15:


VLAN Port Config:

Zyxel_Melen

Hi @MarkNet,

Welcome to the Zyxel community!
According to your scenario and configuration, you don't need to enable the VLAN trunk function.
The switch will follow the static VLAN table and forward the VLAN 15 traffic to uplink. Since the VLAN 15 is a known VLAN, the VLAN trunk function won't be triggered.

Since the configuration is correct, could you use static IP on your PC and ping the firewall VLAN 15 interface? 
If the ping fails, please check the firewall setting.
If the ping success, please help to collect the tech support and PM it to me.
Please go to Menu > Maintenance > Configuration > Backup to collect, thanks.

Zyxel_Melen

Hi @MarkNet,

Welcome to the Zyxel community!
According to your scenario and configuration, you don't need to enable the VLAN trunk function.
The switch will follow the static VLAN table and forward the VLAN 15 traffic to uplink. Since the VLAN 15 is a known VLAN, the VLAN trunk function won't be triggered.

Since the configuration is correct, could you use static IP on your PC and ping the firewall VLAN 15 interface? 
If the ping fails, please check the firewall setting.
If the ping success, please help to collect the tech support and PM it to me.
Please go to Menu > Maintenance > Configuration > Backup to collect, thanks.

MarkNet

Zyxel_Melen said:

Hi @MarkNet,

Welcome to the Zyxel community!
According to your scenario and configuration, you don't need to enable the VLAN trunk function.
The switch will follow the static VLAN table and forward the VLAN 15 traffic to uplink. Since the VLAN 15 is a known VLAN, the VLAN trunk function won't be triggered.

Since the configuration is correct, could you use static IP on your PC and ping the firewall VLAN 15 interface? 
If the ping fails, please check the firewall setting.
If the ping success, please help to collect the tech support and PM it to me.
Please go to Menu > Maintenance > Configuration > Backup to collect, thanks.

Hello Melen,

I disabled VLAN Trunking on Port 1 and set a static Internet Protocol (IP) address on my PC to a 192.168.15.x address and I was still unable to ping the VLAN Gateway.

I'm going to look further at my firewall settings for now and will come back if necessary.

Thanks!