VLAN problem with XGS1210-12

calcifer
calcifer Posts: 2
First Comment Friend Collector
edited December 2022 in Switch
I have a pfsense router connected to the XGS1210-12 on port 12 with a DAC.

On the router, I have multiple VLANs set up (VLAN IDs 10, 20, 30, 40, 50) and they are each on a different subnet. The router itself will be in VLAN 10.

For example:
- Port 12 to VLAN 10
- Port 11 to VLAN 30
- Port 6,7,8,9,10 to VLAN 20
- Port 2,3,4,5 to VLAN 40
- Port 1 to VLAN 50

How do I configure the switch to support this?

Accepted Solution

  • PeterUK
    PeterUK Posts: 3,770  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited December 2022 Answer ✓

    Port 1 with PVID 50 untag with port 12 tag VLAN50

    Port 2,3,4,5 with PVID 40 untag with port 12 tag VLAN40

    Port 6,7,8,9,10 with PVID 20 untag with port 12 tag VLAN20

    Port 11 with PVID 30 untag with port 12 tag VLAN 30

    port 12 with PVID 10 untag VLAN10


    Only problem I see is how you access the switch you may need to change its management PVID to where you want to access it.


All Replies

  • PeterUK
    PeterUK Posts: 3,770  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited December 2022 Answer ✓

    Port 1 with PVID 50 untag with port 12 tag VLAN50

    Port 2,3,4,5 with PVID 40 untag with port 12 tag VLAN40

    Port 6,7,8,9,10 with PVID 20 untag with port 12 tag VLAN20

    Port 11 with PVID 30 untag with port 12 tag VLAN 30

    port 12 with PVID 10 untag VLAN10


    Only problem I see is how you access the switch you may need to change its management PVID to where you want to access it.


  • calcifer
    calcifer Posts: 2
    First Comment Friend Collector
    Thanks @PeterUK, that worked!

    For anyone who finds this thread in the future, here is a quick tutorial with my exact steps:

    - Port 12 is connected to the pfsense router. Both the router and the switch will be at VLAN 10 but initially, I left it at PVID 1. We'll come back to that.
    - Connect to the switch directly on port 1 and access the web UI. The default IP is 192.168.1.3 but if you got something else via DHCP, find the correct IP with arp-scan.
    - Set up each of your non-management VLANs (see screenshot). For me, these are 20, 30, 40 and 50. Make sure the corresponding ports are untagged and the port to the router (trunk) is tagged.
    - Update PVID table to match your new VLANs, click Apply.
    - Now, create the management VLAN. Set port 1 as untagged and port 12 as tagged. Set port 1 PVID to 10.
    - Go to the switch management page and set Management VID to 10.
    - Go back to the VLAN page and set port 12 to PVID 10.
    - (Optional) Modify VLAN 1 and set all ports to non-member.

    You're done! If everything goes right, you should be able to do this without ever losing access to the switch. If you do, just reset and start again :)








  • Zyxel_Chris
    Zyxel_Chris Posts: 728  Zyxel Employee
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 50 Answers
    @calcifer,
    Thanks for sharing, it helps the community a lot!  :3

Categories

Switch Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)