How to route between different vlans?

2021-07-07 07:02:57 - last edited 2021-07-09 04:58:28
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.10

I'm using an ER7206 with the Omada Software Controller.

I created 2 VLANs, but I couldn't even ping between their gateways. How to configure it?

1 Accepted Solution
Re:How to route between different vlans?-Solution
2021-07-08 08:06:22 - last edited 2021-07-09 04:58:28

@kibokura056

Use this video for stopping inter-VLAN communication:

https://www.youtube.com/watch?v=7i17jvrIjD0

Basically you create rules in the switch ACL to block your VLAN from accessing the default LAN and that is about it.

Deny > all protocols > network (vlan home) to network (lan).

Set up a rule to prevent access to the gateway or switch from the VLAN by using an IP port group with the subnets of the LAN and VLAN gateways/32 (32 means that you block only that IP).

Note: if you have your desktop connected to ports 7-8 and you lock yourself out of the router/gateway, just remember to change the port to 1-6 if you want to connect to the router, or use a cloud controller if you have one set up.

For anything more complicated, pray that maybe somebody from TP-Link will actually make working examples on how to allow exceptions targeted at device level through the deny rules with ACL. Omada has a lot of potential, but for now is still behind the competition.

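A small model of the two deny rules described in the accepted solution, added here as an example; it is not code from the thread or from TP-Link. The subnets and gateway addresses are constructed, and first-match evaluation with no connection tracking is an assumption of the model.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing; the thread does not give the real subnets.
LAN = ipaddress.ip_network("192.168.0.0/24")
HOME_VLAN = ipaddress.ip_network("192.168.20.0/24")
# The /32 entries cover exactly one address each: the two gateways.
GATEWAYS = (ipaddress.ip_network("192.168.0.1/32"),
            ipaddress.ip_network("192.168.20.1/32"))


@dataclass(frozen=True)
class Rule:
    name: str
    action: str
    sources: tuple
    destinations: tuple

    def matches(self, src, dst):
        return (any(src in n for n in self.sources)
                and any(dst in n for n in self.destinations))


# Rule order follows the post: VLAN-to-LAN deny, then the gateway group.
RULES = (
    Rule("home-to-lan", "deny", (HOME_VLAN,), (LAN,)),
    Rule("home-to-gateways", "deny", (HOME_VLAN,), GATEWAYS),
)


def evaluate(src, dst, rules=RULES):
    """Return (action, rule name) for one packet; first match wins (assumed)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if rule.matches(s, d):
            return rule.action, rule.name
    # The thread states inter-VLAN traffic is open by default.
    return "permit", "default"


def round_trip(a, b):
    """True only if both the request a->b and the reply b->a are permitted."""
    return evaluate(a, b)[0] == "permit" and evaluate(b, a)[0] == "permit"


if __name__ == "__main__":
    for src, dst in [("192.168.20.50", "192.168.0.10"),
                     ("192.168.20.50", "192.168.20.1"),
                     ("192.168.20.50", "192.168.20.2"),
                     ("192.168.0.10", "192.168.20.50")]:
        print(f"{src} -> {dst}: {evaluate(src, dst)}")
    print("LAN host can complete a session to the VLAN host:",
          round_trip("192.168.0.10", "192.168.20.50"))
```

In this model the LAN-to-VLAN request is permitted but its reply matches the first deny rule, so sessions opened from the LAN side fail as well.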
7 Reply
Re:How to route between different vlans?
2021-07-07 13:15:53 - last edited 2021-07-07 13:17:12

@kibokura056 By default all inter-VLAN communication is open, you should ping whatever you want.

If you don't have a switch you can't use VLANs without VLAN-aware devices that could tag their own traffic (switches, APs), so maybe you can't ping anything because you only have devices on VLAN1?

Re:How to route between different vlans?
2021-07-07 16:04:14

@userNAC

I assigned VLAN1 and VLAN2 to the port connected to the switch that supports tagged VLANs.

The settings on the switch are as follows.

Please help.

Re:How to route between different vlans?
2021-07-07 20:15:42 - last edited 2021-07-07 20:37:58

@kibokura056

Try something like this, I think this will work for you.

PVID is right if you want only VLAN2 on ports 7-8.

Connect the router to ports 1-6.

Or this, then you have to connect the router to port 1.

And remember the LAN interface on the router: enable the port you use to connect the switch.

Re:How to route between different vlans?
2021-07-08 01:09:26 - last edited 2021-07-08 01:09:39

@shberge

Thanks for your advice. It worked!

And then, routing all packets between different VLANs is inconvenient, so I want to filter it. Can you please teach me how to set the ACL for it?

Re:How to route between different vlans?
2021-07-09 05:02:34

@userNAC

I really appreciate your help.

My switch doesn't support Omada SDN so I ordered a switch that supports it.

I'll try the method when I get the item.

Re:How to route between different vlans?
2021-07-09 08:10:09 - last edited 2021-07-09 08:27:47

@kibokura056 If you got a switch compatible with Omada SDN, just remember to upgrade its firmware in order to use VLANs properly. Try to use a Raspberry Pi or an OC200 and it's all good. You could set things up with the software controller and forget about it.

After adoption and firmware upgrade you will have a VLAN tab in config. Enable your home VLAN in config:

And edit ports.

The ports with a single VLAN that have the VLAN enabled in config (VLAN interface) will act as untagged ports. In my config port 1, the uplink, is a trunk; port 2 is also a trunk that leads to the EAP. If you are using this setup at home you can leave it at that, but for business it's recommended that the unused ports should either be disabled or used with a dead-end VLAN (black hole) that has no DHCP and no usability.