VLAN with non-vlan aware router

EdRD
EdRD Posts: 1
edited April 14 in Switch
I have a GS1900 switch attached to my router on port 1 (Asus RT66U), and 2 wifi access points on ports 2 and 3 (TPLINK EAP245V3), with no VLAN setup. Everything works OK. My router handles DHCP and gives access to the internet to all devices connected.

I want to switch this to use VLANs so that I can better segregate from traffic physically attached to the other ports on the switch while still having the router provide DHCP/internet access.

My 2 APs can assign VLAN tags based on SSID. I would then define each of these VLANs on the switch, and I can then set switch ports 2 & 3 as being tagged on each of the VLANs.

How do I define port 1 (where my non-VLAN-aware router is) so that clients can get to DHCP and internet? Is this possible?

I can think of one possible way, being to connect the router to the switch multiple times: one port for each VLAN, labelled as untagged on the switch and specifically assigned the proper PVID for that VLAN. However, this seems very inelegant.

All Replies

  • Zyxel小編 Lucious
    Zyxel小編 Lucious Posts: 273  Zyxel Employee
    edited April 2020
    Hi @EdRD

    Let's say you've set VLAN 20 on port 2, VLAN 30 on port 3 for the APs.
    Because only one PVID can be assigned to a port, you have to either set PVID 20 or 30 for port 1 in your case, and it will end up with one VLAN working, but not others.

    Workaround:

    Port 1 - VLAN 20 & 30, untagged-out, PVID 20
    Port 2 - VLAN 20, untagged-out, PVID 20
    Port 3 - VLAN 20 & 30, untagged-out, PVID 30

    Traffic from clients to the router will be segregated based on the different PVIDs.
    But traffic from the router to clients will all be VLAN 20; a unicast packet to port 3 will be flooded to all ports, since there is no corresponding port 3 MAC address in VLAN 20.

    Zyxel_Lucious
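
The workaround above, modelled as an added example that is not part of the original reply and is not Zyxel code: a toy 802.1Q switch that classifies untagged frames by PVID and floods unknown unicast to the VLAN's member ports. It assumes the switch learns MAC addresses per VLAN; the `Switch` class, the MAC addresses and the result names are constructed for illustration.

```python
# Added example: toy model of the PVID workaround, untagged frames only.
# Assumption: MAC learning is per VLAN (independent VLAN learning).
BCAST = "ff:ff:ff:ff:ff:ff"

class Switch:
    def __init__(self, members, pvid):
        self.members = members  # VLAN id -> member ports (all untagged on egress)
        self.pvid = pvid        # port -> VLAN given to untagged ingress frames
        self.fdb = {}           # (VLAN, MAC) -> port where that MAC was learned

    def rx(self, port, src, dst):
        """Receive an untagged frame on `port`; return the set of egress ports."""
        vlan = self.pvid[port]             # ingress classification by PVID
        self.fdb[(vlan, src)] = port       # learn the source MAC in that VLAN only
        out = self.fdb.get((vlan, dst))
        if dst != BCAST and out is not None:
            return {out} - {port}          # known unicast: a single egress port
        return self.members[vlan] - {port} # broadcast or unknown unicast: flood

def workaround():
    # Port 1: VLAN 20 & 30, PVID 20; port 2: VLAN 20, PVID 20;
    # port 3: VLAN 20 & 30, PVID 30 (as listed in the reply).
    return Switch(members={20: {1, 2, 3}, 30: {1, 3}},
                  pvid={1: 20, 2: 20, 3: 30})

def demo():
    sw = workaround()
    # Constructed MACs: router on port 1, client A on port 2, client B on port 3.
    r, a, b = "02:00:00:00:00:01", "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    return {
        "router_bcast": sw.rx(1, r, BCAST),  # router is learned in VLAN 20
        "a_to_router": sw.rx(2, a, r),       # VLAN 20, router known
        "b_to_router": sw.rx(3, b, r),       # VLAN 30, floods within VLAN 30
        "router_to_a": sw.rx(1, r, a),       # A was learned in VLAN 20
        "router_to_b": sw.rx(1, r, b),       # B is only known in VLAN 30
    }

if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name:13} -> egress ports {sorted(ports)}")
```

In the output, `router_to_b` leaves on ports 2 and 3: the router's unicast replies to the port 3 client are also delivered to port 2, so the downstream direction is not isolated.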
  • Zyxel小編 Lucious
    Zyxel小編 Lucious Posts: 273  Zyxel Employee
    BTW, this forum is for home devices. For our business model devices such as the GS1900 series, you may seek our biz forum.
    https://businessforum.zyxel.com/

    Thanks!
  • A tagged or trunk port is meant to carry data between VLAN aware switches and not as a means to bridge networks (this is the job of a router..