FWG Plus - Tag Port to VLAN (No Switch)
Can FWG Plus have a VLAN, assigned to a port, without the use of a switch? I essentially have a switch in place just to do the assignment for one device to VLAN 5.
The rest of the devices on VLAN 5 are wireless. I had hoped to be able to plug this particular device straight into port 2 and it always know it's VLAN5.
-
If your switch already assigned one device to VLAN 5, when that traffic arrive to firewalla, it will need to be tagged VLAN5, then it should just work.
If your switch assigned a port as access port (no tagging) VLAN5, traffic arrive to firewalla will not be tagged, so you really don't need the firewalla to tag anything.
-
So I have VLAN 5 associated with port 2 on the Firewalla but when I plugged the device straight into that port, it wouldn't get an IP. I had a cheap managed switch laying around so I plugged that in, enabled 802.1Q VLAN Configuration, and set the PVID to 5 on every port. I left the port that the device is plugged into as "untagged" but tagged the others to VLAN 5 and that works (the switch gets a DHCP from the VLAN 5 scope and so does the device).
What I'm wondering is if there is a way to remove that switch from the picture altogether (plug the device directly into port 2 on the Firewalla) and have it associate with VLAN 5 and get its IP from that scope.
-
It should work as long as that device adds the VLAN tag itself. I know MacOS supports it, https://support.apple.com/en-kw/guide/mac-help/mh15134/mac And Windows probably also does.
Please sign in to leave a comment.
Comments
4 comments