Good afternoon, our company started out very small and is now growing very large to the point where I am looking at layering hosts to obtain more segregation and security for different areas/users within the company. I've been playing around with the VLAN feature in this router a long with the multiple subnets to see what the most ideal configuration situation would be.
Ideally I was thinking I would block out hosts for areas regarding security and use the VLANS built into the RV016 to isolate them from other users/areas on the network. HOWEVER it seems that the VLANS ONLY segregrate within the Device IP Address (RV016) and Subnet Masks realm. So for example, if my RV016 is setup with a standard Class C net of 192.168.1.1 host with a 255.255.255.0 sub, and I add a multiple subnet of 192.168.2.0/24, and I then assign a LAN port in the RV016 to say VLAN2, and all others to VLAN1, my device on ip 192.168.1.20 VLAN2 for example, is accessible by devices on the VLAN1 with ip 192.168.2.20. It appears to me that the VLAN functions on the LAN ports are NOT being applied to devices that are added or created under multiple subnets.
This is frustrating for me because ideally this is how I would prefer to use it so I can expand my network by adding more hosts and acheiving segregation and separation. Ideally this would be resolvable if I could modify the main device subnet mask to something OTHER than the 255.255.255.x settings that are preset in the device, disgarding the need for multiple subnets, and allowing VLANS to function as they are built into the device. It seems the only way I can truly get the security/separation I desire between devices on the VLANs and in the multiple subnets is to create deny ACL's within the RV016 itself.
Hopefully this makes sense. I guess I am wondering if there are other devices out in the market that will acheive what I want to do but not require some substantial elite network training degree to hand code everything in console/terminal? Any other suggestions appreciate to acheive what I explained above. Thank you for reading and your help.
RV016 supports multiple subnets and port-based VLAN. If a host is connected to a port designated to VLAN2, the host should be isolated from all the computers in VLAN1, regardless the IP address of the host.
This is exactly how I was hoping or assumed it should work as well but it does not seem to behave that way. HOWEVER, after posting this I did find an interesting possible solution. If you add a multiple subnet of 192.168.0.0 @ 255.255.0.0 and have the device at 192.168.1.1 @ 255.255.255.0 you THEN are able to acheive segregation under the VLAN functionality of the device. I need to look into this more, I'm sure it makes sense to someone, somewhere, but just not me at the moment. Brain is mush after troubleshooting different options and scenarios.
Hi every one!!!When you are configuring a remote VPN connection, there
are some steps that are lost on the path. Here you can see those steps.
A) In your Cisco device: 1. Ensure you don´t have any rule denying the
traffic between the device and the remote...
** Update **These and a number of other issues have been addressed in
SRP520 MR3. Please see https://supportforums.cisco.com/docs/DOC-13853
for details on how to access this code.There have been a number of
reports of the SRP500 becoming unresponsive afte...
STANDARDSOURCECOMMENTSEthernet RJ-45 connector pin number12345678IEEE
802.3afusing data pairsRXDC+RXDC+TXDC-sparespareTXDC-sparespareIndustry
Standard for Embedded POE(used by Cisco Catalyst Switches)IEEE
802.3afusing spare pairs RXRXTXDC+DC+TXDC-DC-Indus...