Unsolved

This post is more than 5 years old

2 Posts

6972

November 7th, 2012 15:00

Port overlapping 5448 or combining 2 vlans?

I currently have a 3rd-party vendor vlan4 setup on my 5448 switch. A vendor provided me with a vpn device and is telling me they cannot disable tagging on their end, and forcing me to create vlan5 on mine. So I created vlan5 and enabled tagging on the port so their device can connect. Now how can I setup some form of bridge to connect vlan 4 and 5, as they are on the same network. Logically, It's the same as configuring 2 ports on different vlans and connecting them with a crossover, obviously the wrong way of dong it. What are my options? (other than tell them to fix it on their end)

802 Posts

November 7th, 2012 17:00

I'm not aware of any way to combine/fuse together VLANs.  Can you not create a port for VLAN 4 in the same manner that you have the port for VLAN 5 currently enabled for tagging?  Can you explain what you mean when you say that you were forced to create VLAN 5?  

Can you provide the configuration on the interface that you have connected to the VPN device?

A Layer 3 router is needed to allow traffic flow between VLANs.

Is possible that a trunk would be the answer that you are looking for.

Trunk Links attach two VLAN aware switches (or other VLAN aware devices) together and allows for multiple VLAN frames to cross one link. On VLAN trunk links, all frames must be tagged with the respective VLAN ID’s.  The native VLAN must match on all switches in the segment. (VLAN 1 is default Native VLAN).  The native VLAN is NOT tagged.

Hope this helps,

Keep us updated if you can.

2 Posts

November 7th, 2012 18:00

They have 802.1Q enabled on the lan side of their vpn and are unable to change that other than the vlan number which is currently 5. I have to enable a port on the 5448 to trunk 5. Problem is, the devices that need to talk to this vpn are already part of a vlan that I cannot change, vlan4. So I have devices connected to an untagged vlan4 and vpn device with an interface set to vlan5 that need to talk to each other.  I saw there is a concept of client vlans or private vlans, not sure if those can be used or what the purpose of those are. Ideally I'd like traffic coming in and going out the port connected to the vpn to strip/add vlan5 but belong to vlan4 if that makes sense.

The fact that you do not understand what I'm trying to do/need and I'm having a hard enough time explaining it, is pointing to me that something is fundamentally wrong. I'm going to contact the provider again and see why removing tags is not possible, makes no sense to me. They might need internal vlans, but why I'm exposed to them, I don't know. My basic linksys router here allows vlans with/without tagging of ports.

No Events found!

Top