How to configure the switch to separate traffic between departments using VLAN? (V4.80 version)

Zyxel_Melen

The example shows administrators how to set up the switch to make separate traffic between departments. Using Static VLAN, hosts accessing the same VLAN will only be able to communicate with hosts accessing the same VLAN.

Note:

All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested using XGS2220-30.

Configure Switch-1

1. Use AdministratorPC to set VLAN 1 in Switch-1: Port 1, 2 as Normal port. (Prevent VLAN 1 broadcast packets to port 1, 2). Enter the web GUI and go to Menu > Switching > VLAN > VLAN Setup > Static VLAN > Select VID 1 > Add/Edit. Select port 1, 2 as Normal. Click “Apply”.
   
2. Use AdministratorPC to create VLAN 10 in Switch-1: Enter the web GUI and go to Menu > Switching > VLAN > VLAN Setup > Static VLAN > Add/Edit. Enable the Active setting. Type the Name and VLAN Group ID=10. Select port 1, 5 as Fixed and uncheck Tx Tagging (Untagged) on port 1 and check Tx Tagging (Tagged) on port 5. Click “Apply”.
   
3. Use AdministratorPC to create VLAN 20 in Switch-1: Enter the web GUI and go to Menu > Switching > VLAN > VLAN Setup > Static VLAN > Add/Edit. Enable the Active setting. Type the Name and VLAN Group ID=20. Select port 2, 5 as Fixed and uncheck Tx Tagging (Untagged) on port 2 and check Tx Tagging (tagged) on port 5. Click “Apply”.
   
4. Set the PVID on Switch-1: Go to Menu > Switching > VLAN > VLAN Setup > VLAN Port Setup. Set port 1 as PVID=10 (VLAN 10) and port 2 as PVID=20 (VLAN 20).
   

Configure Switch-2

1. Use AdministratorPC to set VLAN 1 in Switch-2: Port 3, 4 as Normal port (this prevents VLAN 1 from broadcasting packets to port 3, 4). Enter the web GUI and go to Menu > Switching > VLAN > VLAN Setup > Static VLAN > Select VID 1 > Add/Edit. Select port 3, 4 as Normal. Click “Apply”.
   
2. Use AdministratorPC to create VLAN 10 in Switch-2. Enter the web GUI and go to Menu > Switching > VLAN > VLAN Setup > Static VLAN > Add/Edit. Enable the Active setting. Type the Name and VLAN Group ID=10. Select port 3, 5 as Fixed and uncheck Tx Tagging (Untagged) on port 3 and check Tx Tagging (tagged) on port 5. Click “Apply”.
   
3. Use AdministratorPC to create VLAN 20 in Switch-2. Enter the web GUI and go to Menu > Switching > VLAN > VLAN Setup > Static VLAN > Add/Edit. Enable the Active setting. Type the Name and VLAN Group ID=20. Select port 4, 5 as Fixed and uncheck Tx Tagging (Untagged) on port 4 and check Tx Tagging (tagged) on port 5. Click “Apply”.
   
4. Set the PVID on Switch-2: Go to Menu > Switching > VLAN > VLAN Setup > VLAN Port Setup. Set port 3as PVID=10 (VLAN 10) and port 4 as PVID=20.
   
   

The test Result

1. The PC in the same VLAN can ping each other. PC-1 can ping PC-3 successfully, but PC-1 cannot ping PC-2.
   
   
2. PC-2 can ping PC-4 successfully, but PC-2 cannot ping PC-3.