VLN Limit: Max of 8

Options
MikeForshock
MikeForshock Posts: 34  Freshman Member
First Anniversary 10 Comments Friend Collector
in Security

Have run into a situation where we are limited on VLAN count. By default the USG FLEX 100 will only allow 8 VLAN networks to be created.

We have now maxed that out and need to create more. Using in a router-on-a-stick type situation to segregate network segments/zones on a managed switch.

Is there a reason it is hardcoded to stop at 8?
Is there a fix or another path we can go to avoid this?

image.png

Accepted Solution

  • PeterUK
    PeterUK Posts: 2,773  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Limited so you have to buy a bigger Zywall page 1202

    https://download.zyxel.com/USG_FLEX_100/user_guide/USG%20FLEX%20100_V5.36_Ed1.pdf

All Replies

  • PeterUK
    PeterUK Posts: 2,773  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options

    Limited so you have to buy a bigger Zywall page 1202

    https://download.zyxel.com/USG_FLEX_100/user_guide/USG%20FLEX%20100_V5.36_Ed1.pdf

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,296  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @MikeForshock,

    If you need to create more VLAN interfaces, USG FLEX 200 and USG FLEX 500 are recommended.
    Max. number of VLAN interface
    USG FLEX 200: 16
    USG FLEX 500: 64

  • MikeForshock
    MikeForshock Posts: 34  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options
    https://community.zyxel.com/en/discussion/comment/53507#Comment_53507

    Thanks for the very precise answer.

    Disappointing, will have to go another direction on this. Even the 100 is underutilized in this deployment, so anything larger is more waste.

  • PeterUK
    PeterUK Posts: 2,773  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Why you need so many VLAN's?

  • MikeForshock
    MikeForshock Posts: 34  Freshman Member
    First Anniversary 10 Comments Friend Collector
    Options
    https://community.zyxel.com/en/discussion/comment/53534#Comment_53534

    Critical Infrastructure projects, so is very, very zero trust as the buzzwords go.

    We segment the network heavily and use the firewall to assign allowed inter vlan networking. Was attempting to use the USG as a central firewall/router (router on a stick, non-routed network) versus multiple, separately managed units. We use it for minimal operator/user devices (2-3 terminals, viewing stations) so the USG FLEX is doing very, very little work overall currently. Even a USG20/FLEX 50 was doing just fine, but it does not have the various security functions offered by the 100 or higher.

    Each location/site may have as many zones/vlans/subnets (Controls, Security, Corporate Data, IoT/Data, Guest/BYOD, Backhaul Radio/Network). Some locations have as many as 100 sites (most without Guest type networks).

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)