I'm trying to separate the network traffic on my home setup using VLANs but going through the docs I must admit I feel a bit lost. I'm attaching a simplistic drawing of what I'm trying to achieve (in reality, there some some 50+ devices in my home network). My networking knowledge is limited, so please forgive me in advance if I misuse a term here and there making networking gurus going nuts
The idea is to separate the traffic from IP Cams into their own VLAN (5) , and the traffic from IP Phones to their own VLAN (7). However, I need certain devices (i.e. my main PC at 192.168.2.50/24) to be able to access simultaneously the Cams as well as the Phones VLANs, so for example, I can go through the admin settings of Cams and Phones. Naturally, I don't want any traffic between VLAN 5 and VLAN 7. The extra tricky part is that my devices are physically connected to different switches.
So, here are the questions:
Going through the forum and googling for the last three days, I saw people mentioning that it's not a good idea to have the same subnets in different VLANs. However, I realise this is my only option in order not to use a separate router (this being a home setup, I have limited budget, so I could throw in a router if this is absolutely the only way to make this work). Is my assumption correct or maybe doing this I'm breaking something else?
No matter what VLAN configuration I’m trying I can’t make this to work What I have tried:
- On SG200-08, I setup ports 1, 2 as ACCESS and assign them to VLAN 5 and VLAN 7 respectively. Being ACCESS ports, these are UNTAGGED.
- On SG200-08, I setup port 7 as TRUNK, with operational VLAN Membership 1U, 5T, 7T. Being a TRUNK port, I can only assign additional VLANs as TAGGED.
- On SG200-26, I setup port 15 as TRUNK with operational VLAN Membership 1UP, 5T, 7T. Being a TRUNK port, I can only assign additional VLANs as TAGGED.
- On SG200-26, I setup port 8 as General, with operational VLAN Membership 1UP, 5T, 7T (I also tried with 1UP, 5U, 7U).
According to my limited networking understanding, I would expect the above to work, but I’m obviously missing something here Can I please have some pointers?
Thanks FratianD. However, having all my VLANs on the same subnet shouldn't actually allow me to see traffic from each other - provided the underlying port is "exposed" in both VLANs? I don't want to route traffic from one subnet to another. My "simple" requirement is to be able to tell to a port "When you send traffic, mark it as VLAN 5, but also listen for traffic on VLAN 7 (in addition to your own VLAN 5)". Isn't this possible? I though this is why General port type exists. I guess here's something I'm missing...
As I said above, my real configuration is a little bit more complex, with 5 x SG200-08 scattered around the house with each one having an "uplink" to the SG200-26 (plus buying an SG300-52 is totally out of budget ).
Article ID:4006 Configure Secure Shell (SSH) Server Authentication
Settings on a Switch Objective Secure Shell (SSH) is a protocol that
provides a secure remote connection to specific network devices. This
connection provides functionality that is similar...
Article ID:4982 Access an SMB Switch CLI using SSH or Telnet Objective
The Cisco Small Business Managed Switches can be remotely accessed and
configured through the Command Line Interface (CLI). Accessing the CLI
allows commands to be entered in a termina...
Article ID:5735 Convert Configuration Files using the Configuration
Migration Tool on Cisco Small Business Switches Introduction The Cisco
Configuration Migration Tool allows you to convert configuration files
from previous generation of Cisco Small Busin...