Hello,

I need help and have a qeustion regarding an issue regarding OC300 and one of our TP Link switches:

Hardware setup:

• OC300 Controller
• ER7206 Router
• 3x TL-SG3428 
• 1x TP-Link TL-SX3016F

We have attached on image about the setup and the issue. Description:

OC300

One important question: can we manage the switch 1 over the controller OC300 but the switch 1 should not be a part of the internal network? So this means that we can maybee make firmware upgrade and see status, traffic of the switch 1 but it should not assign any ip address from internal network to connected device on the switch 1. The switch is used to split our WAN connection to other devices e.g. server which has own public ip adresses over the WAN connection. Currently we have not connected the switch to controller network as we do not know how to make the setup with the controller.

We have try this with the second port of the oc300 controller but the switch isautomatically go inside our network which is not good about security reasons.

OC300

One important question: can we manage the switch 1 over the controller OC300 but the switch 1 should not be a part of the internal network? So this means that we can maybee make firmware upgrade and see status, traffic of the switch 1 but it should not assign any ip address from internal network to connected device on the switch 1. The switch is used to split our WAN connection to other devices e.g. server which has own public ip adresses over the WAN connection. And also not do a network loop etc.

We have try this with the second port of the oc300 controller but the switch isautomatically go inside our network which is not good about security reasons and we do not want to have a loop inside the network. Maybee port isolation or with VLAN and ACL?

I hope you can help with my issue.

Many thanks in advanced!