Zyxel xs3800-28 vlan routing
Freshman Member
My organizations is planning to use 2 Zyxel xs3800-28 in stacking mode as core switches in LAN soon.
The LAN project provides creating:
1) I need to route traffic from Vlan 10 to Vlan 20, and from Vlan 20 to Vlan 10;
3) Traffic from Vlan 30 to 10, 20 must be blocked, excluding a single source IP from Vlan 30 (192.168.30.200/24).
Will I be able to solve this using these switches and can you share an approximate configuration for this?
Best Answers
-
Welcome to the Zyxel community!
The below suggest configuration is based on the 4.80(ABML.1)C0 version.
For the first question, you could reference our Handbook page 43 to set up the inter-VLAN routing.
For the second and the third question, you could use the ACL to fulfill your requirement.
Here's the setup suggestion:
- Please search ACL to enter Classifier > Classifier Global Setting. Change the “match order” to Manual.
- Please go to Classifier > Classifier Setup to add classifiers.
- Add classifier “VLAN 10 to VLAN 30 specific IP” with the source IP with VLAN 10 subnet and the destination IP with VLAN 30 specific IP address. And no need to change the weight.
- Add classifier “VLAN 30 specific IP to VLAN 10” with the source IP with VLAN 30 specific IP address and the destination IP with VLAN 10 subnet. And no need to change the weight.
- Add classifier “VLAN 30 deny all to VLAN 10” with the source IP with VLAN 30 subnet and the destination IP with VLAN 10 subnet. The weight should be changed to a lower weight, I use 3276 for example.
- Same setting for VLAN 20 to VLAN 30.
- Add classifier “VLAN 10 to VLAN 30 specific IP” with the source IP with VLAN 10 subnet and the destination IP with VLAN 30 specific IP address. And no need to change the weight.
- Please go to ACL > Policy Rule to add the policy rules.
- Add a policy rule for the classifier “VLAN 10 to VLAN 30 specific IP”. All actions do not need to change.
- Add a policy rule for the classifier “VLAN 30 specific IP to VLAN 10”. All actions do not need to change.
- Add a policy rule for the classifier “VLAN 30 deny all to VLAN 10”. The Forwarding action should be changed to Discard the packet.
- Add a policy rule for the classifier “VLAN 10 to VLAN 30 specific IP”. All actions do not need to change.
If there's any question, please feel free to ask.
Hope it helps.
Zyxel Melen1 - Please search ACL to enter Classifier > Classifier Global Setting. Change the “match order” to Manual.
-
Hi @Smartqwerty,
Here's the CLI Reference Guide.
By the way, here's the download library page of XS3800. You could also find the CLI Reference Guide and the firmware here.
Zyxel Melen0
Zyxel Employee
All Replies
-
Welcome to the Zyxel community!
The below suggest configuration is based on the 4.80(ABML.1)C0 version.
For the first question, you could reference our Handbook page 43 to set up the inter-VLAN routing.
For the second and the third question, you could use the ACL to fulfill your requirement.
Here's the setup suggestion:
- Please search ACL to enter Classifier > Classifier Global Setting. Change the “match order” to Manual.
- Please go to Classifier > Classifier Setup to add classifiers.
- Add classifier “VLAN 10 to VLAN 30 specific IP” with the source IP with VLAN 10 subnet and the destination IP with VLAN 30 specific IP address. And no need to change the weight.
- Add classifier “VLAN 30 specific IP to VLAN 10” with the source IP with VLAN 30 specific IP address and the destination IP with VLAN 10 subnet. And no need to change the weight.
- Add classifier “VLAN 30 deny all to VLAN 10” with the source IP with VLAN 30 subnet and the destination IP with VLAN 10 subnet. The weight should be changed to a lower weight, I use 3276 for example.
- Same setting for VLAN 20 to VLAN 30.
- Add classifier “VLAN 10 to VLAN 30 specific IP” with the source IP with VLAN 10 subnet and the destination IP with VLAN 30 specific IP address. And no need to change the weight.
- Please go to ACL > Policy Rule to add the policy rules.
- Add a policy rule for the classifier “VLAN 10 to VLAN 30 specific IP”. All actions do not need to change.
- Add a policy rule for the classifier “VLAN 30 specific IP to VLAN 10”. All actions do not need to change.
- Add a policy rule for the classifier “VLAN 30 deny all to VLAN 10”. The Forwarding action should be changed to Discard the packet.
- Add a policy rule for the classifier “VLAN 10 to VLAN 30 specific IP”. All actions do not need to change.
If there's any question, please feel free to ask.
Hope it helps.
Zyxel Melen1 - Please search ACL to enter Classifier > Classifier Global Setting. Change the “match order” to Manual.
-
Good afternoon!
Your answer was very helpful, thank you!
Based on the
handbook, we don't have to write static routes, it looks like a
full-fledged level 3 switch!I didn't find the cli reference for this
switch in the downloads library, could you give a link to the download cli reference or maybe full documentation pack?
Thank you!0 -
Hi @Smartqwerty,
Here's the CLI Reference Guide.
By the way, here's the download library page of XS3800. You could also find the CLI Reference Guide and the firmware here.
Zyxel Melen0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 74 Security Highlight
