Netgear GSM7248v2 Layer 3 Switches - Routing VLANs with shared access to the I
Netgear GSM7248v2 - ProSafe 48 Port Layer 2 Gigabit L2 Ethernet Switch Manual
View all Netgear GSM7248v2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear GSM7248v2 manual content summary:
- Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 1
) should be used. Table of Contents VLAN-Definition ...2 Notes when setting-up VLANs 2 1 - Physical Setup ...3 2 - Logical Setup ...3 3 - Configuring the Switch management IP address 4 4 - Creating a routing VLAN 6 5 - Remove ports' VLAN membership 8 6 - Enable DHCP and create a DHCP pool per - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 2
28 30 32 34 36 38 40 42T 44T 46T 48T M1 M2 M3 M4 41T 43T 45T GSM7352S 47T 42T 44T 46T 48T Default IP route : 192.168.2.254 DGFV338 Static routes: 192.168,3.0 255.255.255.0 192.168.2.1 192.168.4.0 255.255.255.0 192.168.2.1 192.168.2.254/24 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 3
1x GSM7352S Prosafe Layer3 - Firmware 7.2.1.6 3x Windows XP Computers (1 on each VLAN) 1 x Prosafe Firewall Router DGFV338 2 - Logical Setup DGFV338: LAN IP 192.168.2.254/24 DHCP enabled (192.168.2.0/24, DG 192.168.2.1, DNS 192.168.2.254) Static routes: 192.168.3.0 255.255.255.0 192.168.2.1 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 4
3 - Configuring the Switch management IP address The Management IP address (by default on VLAN1) can be setup using the CLI (Command Line Interface). The CLI should be access via HyperTerminal (or similar applications) using the Console cable included in the box User: - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 5
When a Management IP address is configured, the Web Interface of the switch can be accessed. It will possible to modify the Management IP configuration via System - Management - IP configuration including the IP address, Subnet Mask, Default Gateway and Management VLAN ID. 5 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 6
To create routing VLANs access the VLAN Routing Wizard via Routing VLAN. 1) Type the VLAN ID (in the example the VLAN ID is 2) 2) Specify the IP address (192.168.2.1) and the subnet mask (255.255.255.0) 3) Expand the Port list by clicking on Unit 1 4) Select the correct option for each port that - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 7
Once all the relevant VLANs have been added - a summary can be found in the VLAN routing section of the menu. In this case VLAN 2, 3, and 4 have been added to the configuration. A new Virtual port is assigned to each VLAN. 7 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 8
5 - Remove ports' VLAN membership To remove port memberships from a VLAN, the VLAN configuration must be accessed via Switching - VLAN - VLAN Membership. In order to remove a port from the VLAN memberships just continuously click on the gray box underneath the port number, until no symbol appears as - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 9
In this scenario we require to remove from VLAN1, membership to those ports that appear in any of the other VLANs to ensure total VLAN separation. When setting a routing VLAN the PVID (Port VLAN ID) is automatically set to the VLAN ID. This can be confirmed using the Port PVID Configuration page. 9 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 10
6 - Enable DHCP and create a DHCP pool per VLAN The DHCP server can be enabled via the System - Services - DHCP Server Configuration page. To create a new DHCP pool, access the DHCP Pool Configuration page: 1) Select the Pool name - for ease of configuration this might - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 11
), Subnet mask , Default router and DNS Server The association between a DHCP pool and a VLAN will be on the basis of the IP address assigned to the VLAN itself and the subnet mask. Therefore if it is required to associate a DHCP Pool to a VLAN ensure that the IP address assigned to the VLAN falls - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 12
7 - VLAN routing By default RIP is enabled on the Layer 3 switches. RIP can be disabled on all the ports via Routing - RIP - RIP configuration or alternatively it can be disabled on a per port basis , including the VLAN virtual ports. The picture below shows RIP enable on all the Virtual ports - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 13
The next picture shows that at least one device has been connected to one of the ports in VLAN 2 (Interface 0/2/1) and VLAN 4 (Interface 0/2/3) changing the Link state to "Link up". 13 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 14
possible to set the DefaultRoute. This is necessary to instruct the Layer 3 switch that any traffic not destined to the local VLANs should be sent to a Default Gateway. In our scenario the Internet Default Gateway is the DGFV338 on IP address 192.168.2.254. The DefaultRoute is configured accordingly - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 15
15 - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 16
9 - Configuring static routes on the Internet Default Gateway In order to ensure the Internet Gateway is aware on how to return traffic to devices in VLAN not directly attached to it, static routes must be configured for each VLAN. The following two pictures provide a summary of how this is achieved - Netgear GSM7248v2 | Layer 3 Switches - Routing VLANs with shared access to the I - Page 17
10 - Saving the configuration The switch does not save the configuration automatically every time a change is performed, either via the CLI or the WEB GUI. It is necessary to force the saving, which can be achieved via Maintenance - Save Config 17
FSM73xx GSM73xx GMS72xxR
–
Shared access to the Internet across
Multiple routing VLANs using a Prosafe Firewall
This document describes how to:
-
Create multiple routing VLANs
-
Obtain Internet access on multiple VLANs using one Internet gateway
The procedure described can apply to most Layer 2 and Layer 3 Switches and VPN Firewall with new
Web Interface (defined as the one with the Menus appearing horizontally on top).
Hardware differences among different models must be taken in consideration.
NOTE:
This document is not intended to illustrate how to perform full Layer3 separation, for which Access
Control Lists (ACLs) should be used.
Table of Contents
VLAN-Definition
................................................................................................................
2
Notes when setting-up VLANs
.......................................................................................
2
1 - Physical Setup
............................................................................................................
3
2 - Logical Setup
..............................................................................................................
3
3 - Configuring the Switch management IP address
..................................................
4
4 - Creating a routing VLAN
...........................................................................................
6
5 -
Remove ports’ VLAN membership
..........................................................................
8
6 - Enable DHCP and create a DHCP pool per VLAN
.............................................
10
8
–
Configuring the switch default route
.....................................................................
14
9
–
Configuring static routes on the Internet Default Gateway
...............................
16
10
–
Saving the configuration
.......................................................................................
17