Home » ZyXEL Manuals » Networking » ZyXEL GS1910-24 » Manual Viewer

ZyXEL GS1910-24 User Guide - Page 44

How to Use Private VLAN to Do Port Isolation in a VLAN, 5.6.1 Creating a Private VLAN, Internet

Get ZyXEL GS1910-24 PDF manuals and user guides

View all ZyXEL GS1910-24 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 44 highlights

Chapter 5 Tutorials 5.6 How to Use Private VLAN to Do Port Isolation in a VLAN This tutorial is not applicable to the XGS1910-24 or XGS1910-48. Port isolation prevents communication between ports. You want to do port isolation in a VLAN but still allow ports to access the Internet or network resources through the uplink port in the same VLAN. You use private VLAN to do port isolation in a VLAN instead of assigning each port to a separate VLAN and creating a different IP routing domain for each individual port. By default, all ports on the Switch are in VLAN 1 and private VLAN 1. An isolated port is a port on which port isolation is enabled. An isolated port cannot communicate with other isolated ports even when they are in the same VLAN and same private VLAN. Internet In this example, you put ports 2 to 4 and 25 in private VLAN 25 and enable port isolation to block traffic between ports 2, 3 and 4. 5.6.1 Creating a Private VLAN Follow the steps below to configure port 2, 3, 4 and 25 as a member of private VLAN 25. 1 Access the web configurator through the Switch's port on which port isolation will not be enabled. 2 Go to Configuration > Private VLANs > PVLAN Membership. Click Add New Private VLAN. 3 Enter a private VLAN ID (25 for example) in the PVLAN ID field. 4 Select ports 2, 3, 4 and 25 to be members of this private VLAN. 44 GS1910/XGS1910 Series User's Guide

Section	Page
GS1910/XGS1910 Series	1
Table of Contents	3
Getting to Know Your Switch	5
1.1 Introduction	5
1.1.1 Bridging Example	5
1.1.2 High Performance Switching Example	6
1.1.3 Gigabit Ethernet to the Desktop	7
1.1.4 IEEE 802.1Q VLAN Application Example	7
1.1.5 IPv6 Support	8
1.2 Ways to Manage the Switch	8
1.3 Good Habits for Managing the Switch	8
Hardware Installation and Connection	11
2.1 Freestanding Installation	11
2.2 Mounting the Switch on a Rack	12
2.2.1 Rack-mounted Installation Requirements	12
2.2.2 Attaching the Mounting Brackets to the Switch	12
2.2.3 Mounting the Switch on a Rack	13
Hardware Overview	15
3.1 Front Panel Connections	15
3.1.1 Ethernet Ports	17
3.1.2 Dual Personality Interfaces	18
3.1.3 SFP/SFP+ Slots	18
3.1.4 Console Port	20
3.2 Rear Panel	20
3.2.1 Power Connector	21
3.3 LEDs	22
The Web Configurator	25
4.1 Introduction	25
4.2 System Login	25
4.3 The Web Configurator Layout	26
4.3.1 Change Your Password	32
4.4 Switch Lockout	32
4.5 Logging Out of the Web Configurator	32
4.6 Help	32
Tutorials	33
5.1 How to Change Switch Management IP Address	33
5.2 How to Configure Login Accounts and Privilege Levels	34
5.3 How to Manage a Configuration File	36
5.3.1 Backing up a Configuration File	36
5.3.2 Restoring a Configuration File	37
5.4 How to Create a VLAN	38
5.4.1 Setting Port VID	39
5.5 How to Set Up a Guest VLAN with IEEE 802.1x Authentication	41
5.5.1 Creating a VLAN for Port which is not IEEE 802.1x enabled	41
5.5.2 Enabling IEEE 802.1x Port Authentication and Guest VLAN	42
5.6 How to Use Private VLAN to Do Port Isolation in a VLAN	44
5.6.1 Creating a Private VLAN	44
5.6.2 Enabling Port Isolation	45
5.7 How to Use IP Source Guard and DHCP Snooping to Prevent Spoofed Traffic	45
5.8 How to Use DHCP Relay on the Switch	48
5.8.1 Creating a VLAN	49
5.8.2 Configuring DHCP Relay	49
5.8.3 Troubleshooting	50
5.9 How to Use Link Aggregation to Group Multiple Ports into One Logical Link	50
5.9.1 Static Port Trunking	50
5.9.2 Dynamic Port Trunking	51
5.10 How to Analyze Traffic Using Mirroring	52
5.10.1 Configuring Mirroring	53
5.10.2 Configuring Remote Port Mirroring	54
5.11 How to Use IGMP Snooping to Reduce Multicast Traffic Passing through your Switch	60
5.12 How to Configure Access Control List (ACL) for Packets Filtering	63
5.13 How to Reset the Switch via the Console Port	66
Troubleshooting	69
6.1 Power, Hardware Connections, and LEDs	69
6.2 Switch Access and Login	70
Legal Information	73

Match case Limit results 1 per page

Chapter 5 Tutorials

GS1910/XGS1910 Series User’s Guide

5.6

How to Use Private VLAN to Do Port Isolation in a

VLAN

This tutorial is not applicable to the XGS1910-24 or XGS1910-48.

Port isolation prevents communication between ports. You want to do port isolation in a VLAN but

still allow ports to access the Internet or network resources through the uplink port in the same

VLAN. You use private VLAN to do port isolation in a VLAN instead of assigning each port to a

separate VLAN and creating a different IP routing domain for each individual port.

By default, all ports on the Switch are in VLAN 1 and private VLAN 1. An isolated port is a port on

which port isolation is enabled. An isolated port cannot communicate with other isolated ports even

when they are in the same VLAN and same private VLAN.

In this example, you put ports 2 to 4 and 25 in private VLAN 25 and enable port isolation to block

traffic between ports 2, 3 and 4.

5.6.1

Creating a Private VLAN

Follow the steps below to configure port 2, 3, 4 and 25 as a member of private VLAN 25.

Access the web configurator through the Switch’s port on which port isolation will not be enabled.

Go to

Configuration > Private VLANs > PVLAN Membership

. Click

Add New Private VLAN

Enter a private VLAN ID (25 for example) in the

PVLAN ID

field.

Select ports 2, 3, 4 and 25 to be members of this private VLAN.

Internet