cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1811
Views
0
Helpful
11
Replies

Help configuring SRW208G

JonesBayCo
Level 1
Level 1

I have a new SRW208G switch and what I want to do seems very simple but so far I am unable to figure out how to do it.

  • DSL Modem/Router connected to g1 (It could be connected to one of the "e" ports if more appropriate). DSL Modem/Router is also the DHCP server.

  • I want devices connected to ports e1-e7 to be able to connect to each other and to g1.

  • I want port e8 to be able to communicate ONLY with the DSL router on g1.

Simply stated, I want to create an isolated "guest" port so that a device connected to this port can communicate only with the DSL router and not with any other devices on the LAN.

It seems that PVE should be a simple way to do this but so far everything I've tried results in no communication on e8.

Can someone please provide detailed steps for this seemingly simple configuration?

Thank you.

3 Accepted Solutions

Accepted Solutions

alissitz
Level 4
Level 4

Hello,

Ports 7-8 are shared with G1 and G2. It is an either or ...

Two vlans are fine, can the DSL modem route to both?  You need reachability if using multiple vlans ... vlans can segregate traffic just fine.  On the modem you can make sure you do not route between vlans.

If using PVE, this would work too and you would keep all the ports on the same vlan.

Make sure the PVE is pointing to the uplink just fine.  You might chose to run a sniffer as part of your testing to make sure there are no loops with the dsl modem and or your configs are tight.

Plug the modem into any port, no worries.

Do please let me know how you make out.  HTH,

Andrew Lissitz

View solution in original post

Good work!!!

I think you pretty much got it.

Using vlans and private vlan edge (PVE) features, you have segregated your network and kept things separated... cool stuff and good work!

HTH,

Andrew Lissitz

View solution in original post

You are right, it varies on each model whether or not the ports are shared.  i have a SRW2008MP and these are shared.

On your model, it appears you have two dedicated uplinks ... the fiber port is a shared one with the copper one.  Sorry for being confusing in my posting.

Have a great night,

Andrew

View solution in original post

11 Replies 11

alissitz
Level 4
Level 4

Hello,

Ports 7-8 are shared with G1 and G2. It is an either or ...

Two vlans are fine, can the DSL modem route to both?  You need reachability if using multiple vlans ... vlans can segregate traffic just fine.  On the modem you can make sure you do not route between vlans.

If using PVE, this would work too and you would keep all the ports on the same vlan.

Make sure the PVE is pointing to the uplink just fine.  You might chose to run a sniffer as part of your testing to make sure there are no loops with the dsl modem and or your configs are tight.

Plug the modem into any port, no worries.

Do please let me know how you make out.  HTH,

Andrew Lissitz

Andrew,

Thank you very much for the quick reply. I will post as soon as I have some results.

Sounds good!

No joy so far. I've attached screen shots of my current configuration:

DSL Router connected to g1.

Rest of my network (except for one test "guest" computer) connected to e1.

VLAN 1: e1, e7, e8, g1, g2 (g1 is general port, all others are access)

VLAN 2: e2, e3, e4, e5, e6 (all PVE to g1)

Results

The rest of my network (on e1) has normal connectivity to Internet via DSL Router.

Test computer connected to e6 cannot connect to anything.

DSL Router (192.168.1.1) also provides DHCP server, range 192.168.1.15-47, mask 255.255.255.0

Test computer has static IP 192.168.1.9, mask 255.255.255.0

Test computer can ping 127.0.0.1 but not itself (192.168.1.9) or DSL Router (192.168.1.1)

OK, I think I have it now.

On VLAN Management / Port Setting screen, set g1's PVID to 2 (was 1) and moved the rest of my network from e1 (VLAN 1) to e2 (VLAN 2).

Now the rest of my network (on e2, PVE to g1) has connectivity within itself and to the Internet via DSL Router.

Test computer (on e6, PVE to g1) has connectivity to Internet via DSL Router.

Test computer cannot ping the rest of my network or the SRW208G switch (so no access to switch management).

The rest of my network cannot ping the test computer, or the SRW208G switch.

To use web view to manage the switch, I need to connect to Port e1. I can live with that.

This is pretty much what I originally wanted.

If you see a better way, I'd be delighted to hear.

Good work!!!

I think you pretty much got it.

Using vlans and private vlan edge (PVE) features, you have segregated your network and kept things separated... cool stuff and good work!

HTH,

Andrew Lissitz

I am satisfied. Thank you Andrew for your help. I am marking this question as answered.

I'm also attaching screen shots of my final configuration in case it could help anyone else.

By the way, where in the SRW208G User Guide (or elsewhere) is it documented that e7 is shared with g1 and e8 is shared with g2? I looked through the entire guide without finding that information.

You are right, it varies on each model whether or not the ports are shared.  i have a SRW2008MP and these are shared.

On your model, it appears you have two dedicated uplinks ... the fiber port is a shared one with the copper one.  Sorry for being confusing in my posting.

Have a great night,

Andrew

Thank you for the clarification.

You are welcome, thanks also for asking for clarification.

By the way for posting your configs.  I hope this will be a help for others ;-)

Andrew Lissitz

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X