Network Configuration with 2 Switches?

[Mike K]

Here is my situation: If I have two switches, one in each of two buildings connected with a single fiber trunk cable & Each switch is "managed", but the manufactures are different & Each switch has its own firmware to handle device/network configuration assignments & Both switches are VLAN compliant.

Then my question is: Is it going to be possible to set-up/configure multiple VLANS witch assign some devices/cameras operating from each switch; into a single VLAN? Is there separate SW to do that?

 

[drew91101]

Definitely a @nayr question

 

[Mike K]

I like your avatar.

 

[nayr]

if the switches support vlan tagging, if they are managed its likely.. then yeah..

the uplink ports are tagged for all vlans, and then you port assign ports on either side to either vlan.. then you usually put up a router thats got a tagged vlan interface like the uplinks and it routes traffic between the vlans and enforces firewall rules.

 

[drew91101]

I like your avatar.

Hah thanks!

Sent from my SM-G920P using Tapatalk

 

[Mike K]

I don't see it in the description.

Amazon.com: TRENDnet TEW-818DRU AC1900 Dual Band Wireless AC Gigabit Router, 2.4GHz 600Mbps+5Ghz 1300Mbps, One-Touch Network connection with WPS button, 1 USB 2.0 Port & 1 USB 3.0 Port, DD-WRT Compatible, IPv6, Guest Network, Parental controls: Computers & Accessories

my system is not assembled yet such that I can turn it on to check it out.

 

[nayr]

yeah you gonna need an enterprise router for vlans, and they aint that easy to setup.. check out the Ubiquiti EdgeRouter.

 

[Mike K]

I checked out 5 Ubiquiti EdgeRouter routers and did not see anything explicit about VLAN tags ?

 

[nayr]

it does that I can assure you; its also called: IEEE 802.1Q - Wikipedia

 

[Mike K]

I checked my Comcast router in my home LAN and there does not appear to be any advanced features to add VLANS either.

 

[tangent]

Typically you have to use 3rd party firmware like merlin, tomato, or dd-wrt to configure vlans on consumer equipment. I have seen a couple consumer devices with vlan features but there usually buried in hidden menus that you sometimes have to muck around in busybox to find.

 

[Mike K]

Typically you have to use 3rd party firmware like merlin, tomato, or dd-wrt to configure vlans on consumer equipment. I have seen a couple consumer devices with vlan features but there usually buried in hidden menus that you sometimes have to muck around in busybox to find.

I checked these firmware programs and it appears that they are all associated with routers with the same names. Do I understand correctly that these programs are dedicated to their respective hardware routers only?

 

[tangent]

I checked these firmware programs and it appears that they are all associated with routers with the same names. Do I understand correctly that these programs are dedicated to their respective hardware routers only?

there are a bunch of models these work on. Merlin is only for asus routers, other work on a variety of hardware. vlans can be a bit of a pain to configure on these.

 

[nayr]

vlan's can be a bit of a pain to configure period; need to have basic understanding of routing/subnetting/trunking to get it done right.. and since it requires enterprise grade switches and routers its far from consumer friendly, setup and configuration could be quite intimidating if you dont know what your doing.

if it was easy I'd be suggesting everyone put cameras on a vlan like I do w/VPN.. but its not, so I dont.. its easy to just create rules on your firewall to block the cameras from accessing the internet.

 

[tigerwillow1]

vlan's can be a bit of a pain to configure period.......its far from consumer friendly, setup and configuration could be quite intimidating if you dont know what your doing.

What a timely post! I've been trying to set up vlans on a Cisco switch to isolate the cameras from the WAN, and I'm figuratively pulling my hair out. I've done hours of reading and followed examples, and nothing has worked. It sounds simple enough: Set up multiple vlans, set ports to "general", set up some ports to be members of multiple vlans. Trouble is, it just doesn't work. After trying all sorts of combinations, I just can't get one port to function in 2 vlans at the same time. I'm wondering if putting the switch into level 3 mode might lead to a solution?

 

[nayr]

typically you only have ports on multiple VLAN's if they are multi-homed devices.. like switches, routers, servers.. then you have to add vlan interfaces with the appropriate tag.

otherwise you just assign the port to the vlan and the device is just on that vlan w/out a special tagging interface being configured.

 

[Mike K]

there are a bunch of models these work on. Merlin is only for asus routers, other work on a variety of hardware. vlans can be a bit of a pain to configure on these.

vlan's can be a bit of a pain to configure period; need to have basic understanding of routing/subnetting/trunking to get it done right.. and since it requires enterprise grade switches and routers its far from consumer friendly, setup and configuration could be quite intimidating if you dont know what your doing.

if it was easy I'd be suggesting everyone put cameras on a vlan like I do w/VPN.. but its not, so I dont.. its easy to just create rules on your firewall to block the cameras from accessing the internet.

OK so VLANs are maybe not the place to start, but I'm usually not one to shy away from a challenge. Never the less, for now id like to know that i'm at least building a network with components that will eventually do the job.

What do you think of this how-to description?

Build Secure VLAN Networks with ‘Shibby’ Router Firmware

 

[Mike K]

What a timely post! I've been trying to set up vlans on a Cisco switch to isolate the cameras from the WAN, and I'm figuratively pulling my hair out. I've done hours of reading and followed examples, and nothing has worked. It sounds simple enough: Set up multiple vlans, set ports to "general", set up some ports to be members of multiple vlans. Trouble is, it just doesn't work. After trying all sorts of combinations, I just can't get one port to function in 2 vlans at the same time. I'm wondering if putting the switch into level 3 mode might lead to a solution?

What is your router and firmware?

 

[Mike K]

typically you only have ports on multiple VLAN's if they are multi-homed devices.. like switches, routers, servers.. then you have to add vlan interfaces with the appropriate tag.

otherwise you just assign the port to the vlan and the device is just on that vlan w/out a special tagging interface being configured.

Are you saying that you can't put cameras in a vlan because they are already in the default lan?

 

[tigerwillow1]

What is your router and firmware?

My switch is a Cisco SF300-24P. The router is a Cambium MIMO OFDM Subscriber Module running
CANOPY 15.0.1 SM-DES. The ISP owns the router and will not give me access to it, so if I use a router firewall solution to block the cameras from the wan, it will have to be with a daisy-chained router (or a different isp, not too easy where I live).