GS1900-24 - Unable to split switch into 2 different ip ranges, is this possible?

mbc0 Posts: 11  Freshman Member
edited May 2023 in Switch

Hi, I asked about this some time ago but cannot find the original thread. Nothing I could do would make it work, as I would always lose communication with the webui and have to reset. I tried again for 6 hours last night with the same results and am once again back using two tplink switches for each ip range. Can someone please take a look and tell me if what I am trying to achieve is possible?

Here are the interfaces on my Sophos XG Firewall

Here are the VLANS

With this setup I currently have a switch connected to port 1 and another in port 3 (ironically placed both tp-link switches on top of the GS1900-24 for over 2 years!)

The two networks are able to communicate with each other (IMPORTANT).

With the GS1900-24 on 2.70 firmware I would like to remove the 2 tplink switches and have the following.

ports 1-16 to be a switch for port1

ports 17-24 to be a switch for port2

Is this possible? Do I need an uplink? I just want the switch to behave as two independent switches for each IP range.

Many thanks in advance to anyone that can advise.

All Replies

  • PeterUK
    PeterUK Posts: 2,704  Guru Member
    edited May 2023 Answer ✓

    Sure, it's possible. You just need to move webui to a VLAN and for VLAN1 all forbidden.

    Port 1 for webui.

    Ports 2-16 with PVID 100, with port 16 as an uplink; ports 2-15 untagged; ports 17-24 forbidden.

    Then change management VLAN to 100 and connect to port 2 and see if you can log in.

    When logged in, change port 1 to PVID 100 and set to untagged for VLAN 100.

    Set VLAN 1 for all ports forbidden.

    Ports 17-24 with PVID 101, with port 24 as an uplink; ports 17-24 untagged; ports 1-16 forbidden.
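
An added example, not part of PeterUK's post or Zyxel's software: a toy model of the port/VLAN table that replays the steps above in order, checks after each one that the admin port still reaches the management VLAN, and confirms that ports 1-16 and 17-24 end up isolated at layer 2. It assumes a factory default of all ports untagged in VLAN 1 with management on VLAN 1, and treats both uplinks as untagged; all function names are hypothetical.

```python
# Toy 802.1Q membership model (added example, not switch firmware behaviour).
# Membership codes: "U" untagged, "E" excluded, "F" forbidden.
PORTS = range(1, 25)

def factory():
    # Assumption: default config has every port untagged in VLAN 1, PVID 1.
    return {"pvid": {p: 1 for p in PORTS},
            "member": {1: {p: "U" for p in PORTS}},
            "mgmt": 1}

def set_vlan(cfg, vid, untagged, forbidden):
    table = cfg["member"].setdefault(vid, {})
    for p in PORTS:
        table.setdefault(p, "E")
    for p in untagged:          # untagged member, ingress classified by PVID
        table[p] = "U"
        cfg["pvid"][p] = vid
    for p in forbidden:
        table[p] = "F"

def l2_path(cfg, src, dst):
    # An untagged frame entering src is placed in src's PVID VLAN and can
    # leave dst only if both ports are untagged members of that VLAN.
    table = cfg["member"].get(cfg["pvid"][src], {})
    return table.get(src) == "U" and table.get(dst) == "U"

def mgmt_ok(cfg, port):
    # The web UI is reachable only from a port that sits in the management VLAN.
    table = cfg["member"].get(cfg["mgmt"], {})
    return cfg["pvid"][port] == cfg["mgmt"] and table.get(port) == "U"

def apply_thread_order():
    cfg, ok = factory(), []
    set_vlan(cfg, 100, range(2, 17), range(17, 25)); ok.append(mgmt_ok(cfg, 1))
    cfg["mgmt"] = 100;                               ok.append(mgmt_ok(cfg, 2))
    set_vlan(cfg, 100, [1], []);                     ok.append(mgmt_ok(cfg, 2))
    set_vlan(cfg, 1, [], PORTS);                     ok.append(mgmt_ok(cfg, 2))
    set_vlan(cfg, 101, range(17, 25), range(1, 17)); ok.append(mgmt_ok(cfg, 2))
    return cfg, ok

def forbid_vlan1_first():
    # Different order: VLAN 1 forbidden while management still lives on VLAN 1.
    cfg = factory()
    set_vlan(cfg, 1, [], PORTS)
    return mgmt_ok(cfg, 1)

def leaks(cfg):
    # Port pairs that cross the 1-16 / 17-24 boundary and still share a VLAN.
    return [(s, d) for s in PORTS for d in PORTS
            if (s <= 16) != (d <= 16) and l2_path(cfg, s, d)]
```

In this model the thread's order keeps management access at every step and leaves no cross-group path, while forbidding VLAN 1 before moving the management VLAN cuts off the web UI.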

  • mbc0
    mbc0 Posts: 11  Freshman Member
    edited May 2023 Answer ✓

    Hi, thank you!! I have only been using untagged and excluded, never tried forbidden.

    Apologies if this is a dumb question but when you say uplink you mean to my xg firewall? I.e. sophos port 1 to port 16 on the switch in your example?

    Thank you again! Would love to get this to work.

  • PeterUK
    PeterUK Posts: 2,704  Guru Member

    Yes, uplink to xg firewall ports.

  • mbc0
    mbc0 Posts: 11  Freshman Member

    I cannot thank you enough! After years it is finally working as I intended :-) If you don't mind, I just have one last question: what do I do (if anything) with the LAG ports?

  • PeterUK
    PeterUK Posts: 2,704  Guru Member
    Answer ✓

    You likely will not need to use LAG, but in short: say you wanted to add another switch with LAG to VLAN 100, you use two ports of VLAN 100 and two ports to the other switch with LAG. Then, say the 1st switch has two PCs and the 2nd has two PCs: instead of being limited to 1Gb between the two ports, LAG could give you more bandwidth over two ports between the switches.

  • mbc0
    mbc0 Posts: 11  Freshman Member

    Thank you, I can see no need to do that as this switch is overkill for what I need, thank you again for your help, you have been amazing!