Help Needed With Configuring VLANs on GS1900-24 Switch

Fattom23

I'm having issues setting up VLANs with my Zyxel GS1900-24 switch. I have currently two VLANS running through the switch: VLAN 1 (the default) and VLAN 20 (which is for my guest network). Frames are tagged by my WAPs and passed through trunk ports on a small Netgear switch (for POE purposes) and all traffic comes into a single port on the Zyxel switch. The traffic is then supposed to go out through a single port (Port 1, if it matters) to a Mikrotik Routerboard which handles routing/DHCP duties.

Initially, I was having problems accessing VLAN 20 (when I would log into the associated SSID, no IP would ever be issued). I believe I've narrowed down the issue to the Zyxel switch. I set the VLAN 20 to be tagged on Ports 1 (the port going to the router) and 6 (the port going to the Netgear switch/APs) and left the VLAN 1 as Untagged on all ports (which was the default setting). In this configuration, I could at least access the router and get an IP on my main SSID (which should be the default VLAN 1), but I couldn't get any connection on VLAN 20 (no IP).

To try and fix the issue, I attempted to update VLAN 1 to tagged on the affected ports, and everything went haywire. I lost connection to the network on the device I used to make the change, and no device was able to connect and get an IP on any SSID or via any physical port. I eventually had to reset the switch to get any access to it at all. I see a setting under the "Ports" menu (as opposed to the "VLAN Ports") labelled "VLAN Trunking", but I'm not really clear about what it does separately from setting the Tagged ports in the VLAN Ports section.

Does anyone have any idea what I might be doing wrong and why setting up VLANs on the switch is disabling all connectivity?

PeterUK

The Netgear switch doing POE needs to do VLAN

Fattom23

I left it out of my description above, but the POE switch has all ports set as Tagged ports for both 1 and 20. I'm a little concerned now that setting all ports to Tagged on VLAN 1 is a problem.

PeterUK

Its a problem because you set to all to tag don't do that.

You should test your Mikrotik with a PC NIC set to VLAN 20 then with the GS1900-24 with VLAN 20 tag on ports 1 and 6 connect PC to port 6 and port 1 to Mikrotik.

Zyxel_Melen

Hi @Fattom23,

I assume your topology is like this:

Mikrotik router —- GS1900 —— Netgear switch —— AP

For the GS1900 part, you should make sure the ports connected to the Netgear switch and Mikrotik router are set as VLAN 20 members and tagged out. For VLAN 1, I suggest setting untagged out if you did not set VLAN 1 tagged out on the Mikrotik router.

For Mikrotik router part, did you set the DHCP server for VLAN 20? If yes, you can set a port to be a VLAN 20 untagged member with PVID 20 on GS1900 and connect a PC to GS1900 for testing, just like PeterUK said. Since the switch will send the DCHP packets with the VLAN 20 tag, this test can check if the DCHP server works properly.

In addition, the VLAN trunking you mentioned is used to make the switch forward the packets from an unknown VLAN. If you have set the VLAN, the switch will follow the VLAN table to forward traffic.