VLAN for work computer
I have an ER605, and a SG2008P v3.20 connected with a OC200.
I have a home office and would like to isolate my work computer on its own VLAN so it only has access to the internet on LAN. I use a docking station and alternate between my own computer and my work computer.
My setup is this ->
ER605 -> SG2008P Switch -> Unmanaged Netgear Switch ->docking station
Where I am struggling is how do I isolate my work computer on its own LAN. It appears that both computer are also getting the same ip when connected to the docking station.
I can see how to isolate everything on the port on the SG20058P. Do I need to get a managed switch and swap my unmanaged switch? How can I configure this? I am new to VLANs.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @jlkweb12
Thanks for posting in our business forum.
Use the filter and you should find out some guides on this.
Knowledge Base label on the switch page contains the 802.1Q VLAN explanation and basis.
- Copy Link
- Report Inappropriate Content
@Clive_A unforunately this is only about how to set the port to a profile which I am aware of. Where the issue is that I cant set it at the port level since I am using a docking station. It would block for all computers using that docking station which I dont want to do. Any ideas?
- Copy Link
- Report Inappropriate Content
Hi @jlkweb12
Thanks for posting in our business forum.
jlkweb12 wrote
@Clive_A unforunately this is only about how to set the port to a profile which I am aware of. Where the issue is that I cant set it at the port level since I am using a docking station. It would block for all computers using that docking station which I dont want to do. Any ideas?
Did you try to read the 802.1Q VLAN explanation instead of just the Configuration Guide?
And do you know if you are setting up 802.1Q VLAN or VLAN interface after you read the CG? I mean you did not specify what you configured and it is just a generic question. I think these guides answer it better.
Try to understand the concept of the concept of VLAN you can configure now. There are differences.
I don't have any ideas but guessing and it'd be normal for me to see 802.1Q VLAN is blocking. Quite normal to see what you described so far. And no way to workaround it.
- Copy Link
- Report Inappropriate Content
It appears that both computer are also getting the same ip when connected to the docking station.
That sounds like both computers are using the MAC address of the NIC in the docking station. Do your computers have a 'MAC address pass through' option in the BIOS ?
Enabling this means that the on board NIC MAC address will be used even when in the docking station. This will mean that the computers will then be allocated different IP addresses.
You MAY then be able to use ACLs to limit access to the work computer
- Copy Link
- Report Inappropriate Content
@Clive_A I am using a VLAN interface.
Issue is that the docking station (confirmed from Anker) has a mac address and an IP and that is all the network sees right now. My issue is how to identify my work computer vs personal using the same docking station. I have tried to override the docking station as a pass through on the MAC address but that hasnt seemed to work.
Struggling to see how to identify the computer to even do anything with it.
- Copy Link
- Report Inappropriate Content
Hi @jlkweb12
Thanks for posting in our business forum.
jlkweb12 wrote
@Clive_A I am using a VLAN interface.
Issue is that the docking station (confirmed from Anker) has a mac address and an IP and that is all the network sees right now. My issue is how to identify my work computer vs personal using the same docking station. I have tried to override the docking station as a pass through on the MAC address but that hasnt seemed to work.
Struggling to see how to identify the computer to even do anything with it.
I don't know what a Docking station is. But it gets an IP address and you are saying that devices can connect to it. Gives a feeling that it is something similar to the switch?
Anyway, in the guide, if you are using the VLAN interface and you expect to achieve a separation in the network, you use ACL. Guides are available in the CG or the official website, FAQ.
To identify your devices, if you are in controller mode, you can reserver an IP address and tag it. Standalone mode, IP-MAC binding.
- Copy Link
- Report Inappropriate Content
Unless you can get the two different computers to use different MAC addresses when in the docking statiom then they will both always be assigned the same IP address by the router via DHCP .
Have you thought about configuring one of the computers with a static IP ? I suspect you can't change the work one as its probably locked down, but you ought to be able to set a static IP on your home one
Once they're using different IP addresses then you have a chance to control access
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 466
Replies: 7
Voters 0
No one has voted for it yet.