Can the Firewalla Gold support VLANS on it's Ports with DHCP without a lan being defined or is LAN and VLAN basically the same.
So a little back ground I work in the tech field as a pro
to VLAN 2 and enable DHCP but they will not hand out DHCP address on those port. If I configure them to LAN ports they work fine. Is the phrase VLAN, only for extended networks in a Virtual way with managed switches? I currently have 2 ports configured as LANs with rules and that works so the question is, what they call a LAN on the FWG the same as a VLAN. I've had a support case going on most of the week but support on this box is very limited to almost none. I'm hoping that someone on the Community is more familiar with the FWG than I am. From everything I've setup on this box it's looks to be everything I need in a small environment if Support were better this would be a no brainer for most people.
-
When you connect your laptop to the FWG port, did you configure the interface on your laptop to have the VLAN ID's configured on that port? if not, the laptop will NOT be able to get DHCP address. Your laptop needs to configure the ethernet port (on the laptop) to be a tagged or trunk port.
-
So this makes perfect sense this is the difference between FWG and a other routers I've used in the past. The VLAN tagging isn't something I've run into on the node side when your using the local ports on other routers. that also tells me this router is designed to work with a managed switches in most VLAN type applications. Well at least I understand and will make the changes to my network as need be.
Thank you
-
So this was a concept I wasn't used to and don't fully understand in the FWG. Most of the routers I've used(a little better than than 150 dollar cheap router) the ports on the router are defined as VLANs and the router will hand out addresses configured in the router but aren't stackable with VLANs, in the case of the FWG you can create 4 different networks without a WAN port or three with the lan configured and I believe they now support band sharing and backup WAN connections that will all hand out their own ip addresses much like a VLAN would. to be honest I don't really see a big difference as to what Firewalla does to these ports that is really different from a regular VLAN. I think the biggest difference with Firewalla is they have routers with one port so the VLANs have to be stacked and this concept follows throughout their line of products, so when you create VLANs in this manner it will require a third party managed network switch that has the capability to work on layer three of the OSI model the IP layer that you get your IP addresses to work on. These switches can then have the ports configured for different VLANs that will hand out DHCP addresses to the nodes on that VLAN so the FWG doesn't manage these VLANs it's the managed switch that does and from my understanding it needs to be a compatible network switch, they have a list of compatible switches on their site but I believe it's not all inclusive other switches can work. That's the long answer below is a short answer that will allow you do what you want. I believe the above is correct for the information I gathered from their support which took about a week of back and forth because you can't talk to a person in there support system.
These networks you create on the ports work exactly like VLANs and can be isolated using the policies just like a regular VLAN. It appears that they are tagged once you first create them but you can configure policies that will separate the networks much like a VLAN and it works very well. You could also setup the VLAN and set. static numbers on the nodes in the field and that would work without a managed switch, but the first option without a managed switch and policies will work fine with a basic non managed switch. Firewalla I believe is trying to leave the most flexibility as possible with their routers and to be honest this is probably one on the most user friendly routers I've seen to date. Most things are in layman terms and if you have a little bit of network background can easily configure the Firewalla's from other brands of routers. I can think of a few other ways to configure this but I would setup the network on the port you want and get an unmanaged switch per networks configured or just plug directly into the port on the FWG. I know this can be confusing but you get as much and more with the Firewalla than you get from your basic run of the mill router. I've configured the hidden VPN on this and it works perfectly. All in all this is an outstanding product but I've had some network schooling so I'm able to utilize a lot of the features offered for example QoS(Quality of Service)for phone calls or other devices that require priority over other devices on the network works well and helped a lot with the cell phones in our house they call that feature Smart Queue so what they call things are not standard names that other routers use, be aware the features maybe there but are named something else. This is a Linux based product so I would also make sure you do an ordered shut down and not pull power to reset it. It's been my experience that Linux based products can eventually be bricked by just pulling the power cord. Good luck I know this was a lot of information but there is so much more when it comes to networking.
Please sign in to leave a comment.
Comments
7 comments