How do I configure VLANs to isolate traffic but also connect to the internet?

cwilkinson

Good Afternoon,

I'm trying to set up VLANs on a Zyxel 24 port switch to all connect through the same outbound port to the internet (via a router).

The purpose of the VLANs are to isolate the device traffic from everything else on the local network so devices in one VLAN can never experience traffic from another VLAN or the regular router LAN.

All devices within each VLAN have unique IP addresses and expect to use the same gateway (ex: the devices on VLAN2 are looking for gateway 192.168.11.1 and the devices on VLAN3 are looking for gateway 192.168.11.1). 

Additionally, the devices within the VLANs can only accept untagged frames.

Can anyone help me successfully configure the switch (and, if necessary, a router) to do this? Or am I taking an incorrect approach?

Zyxel小編 Lucious

Hi @cwilkinson

Welcome to the Zyxel Community!

Based on your description, we have an idea using port isolation feature to fulfill the demand.
Let me explain with a simple topology which only contains router, switch, and two clients in same VLAN.

Configuration steps:
1. Port 1,2, and 8 all fixed in VLAN 1
2. Port 1 & 2 should be untagged, and port 8 is tagged.
3. In VLAN Port Setting, set isolation for port 1 & 2.

This makes port 1 and 2 not communicate with each other, but can still reach the gateway.
Hope this helps.

Zyxel_Lucious