Unsolved
This post is more than 5 years old
1 Rookie
•
9 Posts
0
23457
September 28th, 2015 11:00
Powerconnect 2708 VLAN Setup Help
I have a rather basic need which I seem to be missing a key step in order to get this working. I have two subnets connected to a single 2708 switch. Within those subnets certain IP's or Ports must be able to talk while blocking traffic on the others. There is a locally attached server with four NICs, teamed into 2 Teams, one on each subnet. There is also a locally attached PC that both subnets must see which has only a single NIC and IP. I had VLANS setup but this was blocking access to the locally attached PC (Scanner) so I blew that setup away in order to get things in production. We can't leave it this way as we do need to block the two subnets if for no other reason than to block DHCP request crossing subnets and screwing everything up.
Network 1 - 192.168.0.x/24
Network 2 - 192.168.1.x/24
Port 1: Server Team 1 – 192.168.0.20
Port 2: Server Team 1 – 192.168.0.20
Port 3: SCANNER – 192.168.0.21 (locally attached PC)
Port 4: Server Team 2 – 192.168.1.20
Port 5: Server Team 2 – 192.168.1.20
Port 6: Uplink – 192.168.0.x
Port 7: Uplink – 192.168.1.x
Port 8: Uplink – 192.168.1.x
Both networks MUST be able to see the server and the PC(SCANNER). The Scanner is the problem as this was tossed at me during deployment and we CANNOT make changes to this PC such as adding another NIC to it which would make this super simple.
So using VLANS can you step me through this. My thinking is to go back to my two VLAN setup then just put Port 3 (SCANNER PC) into both Subnets. Yes? Trunking by term isn't in this switch so is it automatically tunked by being in both VLANS? Tagging should be set as how? I have little to no control of subnet 192.168.0.x/24, this is a separate office. On my side, 192.168.1.1/24 is a Dell 2848.
TDSsupport
1 Rookie
•
9 Posts
0
September 28th, 2015 17:00
It's an Intel NIC, I forget the model, however we can make no hardware level changes to that scanning PC. It is managed by a vendor as it is used to power a medical device, hands off other than changing the IP settings.
Seeing the local scanning PC is not the problem at this point as much as we must stop the DHCP broadcast traffic. With VLAN1 set to U across all ports the broadcast are passing one subnet to the other. So we need to see that Scanner but also stop broadcast traffic so leaving VLAN1 across all ports is not an option.
We did move around the connections today so please see the revised Table for reference:
Network 1 - 192.168.0.x/24 - DHCP Server
Network 2 - 192.168.1.x/24 - DHCP Server
Port 1: Uplink – 192.168.1.x Server Team 1 – 192.168.0.20
Port 2: Uplink – 192.168.1.x Server Team 1 – 192.168.0.20
Port 3: Server Team 1 – 192.168.0.20
Port 4: Server Team 1 – 192.168.0.20
Port 5: Server Team 2 – 192.168.1.20
Port 6: Server Team 2 – 192.168.1.20
Port 7: Uplink – 192.168.0.x
Port 8: SCANNER – 192.168.0.21
TDSsupport
1 Rookie
•
9 Posts
0
September 29th, 2015 10:00
I have no problems with communicating between the subnets, that's the problem. I need to stop this traffic.
Two VLANS. VLAN 101 would be ports 1, 2, 3, 4. VLAN 202 would be 5, 6, 7. Now I need to remove the default VLAN1 from the setup but as soon as I set the PVID to 202 on port 5, 6, 7 I tend to loose connectivity to the switch. Something is wrong with my basic settings here for the two VLANS.
You cannot Tag or Untag VLAN 1 so in order to remove VLAN 1 from any port you have to set that ports PVID, correct? So I set Ports 1, 2, 3, 4 to Untagged VLAN 101. I then ports 5, 6, 7 to Untagged VLAN 202, correct so far right? Now I would need to go into PVID and set those corresponding Ports to the 101 and 202, right? This is all I am trying to get to right now, two separate VLANS.