VLAN problem with XGS1210-12

calcifer · December 2022

I have a pfsense router connected to the XGS1210-12 on port 12 with a DAC.

On the router, I have multiple VLANs set up (VLAN IDs 10, 20, 30, 40, 50) and they are each on a different subnet. The router itself will be in VLAN 10.

For example:
- Port 12 to VLAN 10
- Port 11 to VLAN 30
- Port 6,7,8,9,10 to VLAN 20
- Port 2,3,4,5 to VLAN 40
- Port 1 to VLAN 50

How do I configure the switch to support this?

PeterUK · December 2022

Port 1 with PVID 50 untag with port 12 tag VLAN50

Port 2,3,4,5 with PVID 40 untag with port 12 tag VLAN40

Port 6,7,8,9,10 with PVID 20 untag with port 12 tag VLAN20

Port 11 with PVID 30 untag with port 12 tag VLAN 30

port 12 with PVID 10 untag VLAN10

Only problem I see is how you access the switch you may need to change its management PVID to where you want to access it.

calcifer · December 2022

Thanks @PeterUK, that worked!

For anyone who finds this thread in the future, here is a quick tutorial with my exact steps:

- Port 12 is connected to the pfsense router. Both the router and the switch will be at VLAN 10 but initially, I left it at PVID 1. We'll come back to that.
- Connect to the switch directly on port 1 and access the web UI. The default IP is 192.168.1.3 but if you got something else via DHCP, find the correct IP with arp-scan.

- Set up each of your non-management VLANs (see screenshot). For me, these are 20, 30, 40 and 50. Make sure the corresponding ports are untagged and the port to the router (trunk) is tagged.

- Update PVID table to match your new VLANs, click Apply.

- Now, create the management VLAN. Set port 1 as untagged and port 12 as tagged. Set port 1 PVID to 10.

- Go to the switch management page and set Management VID to 10.

- Go back to the VLAN page and set port 12 to PVID 10.

- (Optional) Modify VLAN 1 and set all ports to non-member.

You're done! If everything goes right, you should be able to do this without ever losing access to the switch. If you do, just reset and start again