Skip to content
  • Register

    • GS1200-5 VLAN Configuration Question

    Posts: 1
    edited August 2023 in Switch

    I am using a GS1200-5 with the V2.00(ABKM.2)C0 firmware.

    I am trying to configure the VLAN. On port 5 I have a switch with all management equipment, administration computers and internal trusted access points. Port 4 has internet. Ports 1-3 have untrusted guest access points.

    This is how I thought it should be configured:

    Screenshot 2023-08-23 170734.png

    However, ports 1-3 don't seem to have an internet connection. Ports 1-3 and 5 should have internet, it is just that ports 1-3 should not see devices on port 5. How is this supposed to be configured?

    Accepted Solution

    • Posts: 1,280  Zyxel Employee
      Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - WLAN Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security
      Answer ✓

      Hi @RyM

      First of all, you should make sure that you have created the necessary VLAN interfaces on your router. Following this, since your Port 4 is for the internet(to router), you should tag Port 4 with VLAN10. This tagging will enable devices from VLAN10 to communicate and exchange DHCP packets with the router.

      Besides, to isolate your VLAN10 from other VLANs(ex: VLAN1) , do remember to establish the security policies on your router. For example:

      • Block traffic from VLAN10 to VLAN1
      • Block traffic from VLAN1 to VLAN 10

      For more detailed guidance about the VLAN configuration concept for web-managed switches, please refer to this FAQ:

      https://community.zyxel.com/en/discussion/17957/how-to-configure-vlan-for-web-managed-switch

      Kay

    All Replies

    • Posts: 1,280  Zyxel Employee
      Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - WLAN Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security
      Answer ✓

      Hi @RyM

      First of all, you should make sure that you have created the necessary VLAN interfaces on your router. Following this, since your Port 4 is for the internet(to router), you should tag Port 4 with VLAN10. This tagging will enable devices from VLAN10 to communicate and exchange DHCP packets with the router.

      Besides, to isolate your VLAN10 from other VLANs(ex: VLAN1) , do remember to establish the security policies on your router. For example:

      • Block traffic from VLAN10 to VLAN1
      • Block traffic from VLAN1 to VLAN 10

      For more detailed guidance about the VLAN configuration concept for web-managed switches, please refer to this FAQ:

      https://community.zyxel.com/en/discussion/17957/how-to-configure-vlan-for-web-managed-switch

      Kay

    Welcome!

    It looks like you're new here. If you want to get involved, click on this button!
    Sign In
    Register

    Welcome!

    It looks like you're new here. If you want to get involved, click on this button!
    Sign In
    Register

    Quick Links

    Categories

    Switch Help Center

    EnglishTiếng ViệtРусскийไทย中文(台灣)