EdgeSwitch - Tagging and Untagging Port VLANs


Overview


This article describes the steps needed to create VLANs and define ports to be either untagged (access) or tagged (trunk) for specific VLANs. 

NOTES & REQUIREMENTS:
Applicable to the latest EdgeSwitch firmware on all EdgeSwitch models. Knowledge of the Command Line Interface (CLI) and basic networking knowledge is required. Please see the Related Articles below for more information and see the attachments for the configuration used in this article.
 
Devices used in this article:

Table of Contents


  1. Network Diagram
  2. Port VLAN Configuration
  3. Related Articles

Network Diagram


Back to Top

The network topology is shown below. The following interfaces are in use on the EdgeSwitches (ES) and the EdgeRouter (ER).

ER-4

  • eth0 - 203.0.113.1
  • eth1.10 (VIF 10) - 10.0.10.1/24
  • eth1.20 (VIF 20) - 10.0.20.1/24

ES-1

  • 0/3 - Untagged (U) VLAN10
  • 0/6 - Untagged (U) VLAN10 / Tagged (T) VLAN20
  • 0/8 - Tagged (T) VLAN10,20
  • 0/9 - Tagged (T) VLAN10,20

ES-2

  • 0/3 - Untagged (U) VLAN10
  • 0/6 - Untagged (U) VLAN20
  • 0/9 - Tagged (T) VLAN10,20

topology.png

The UAP-AC-Pro will tag the wireless network with VLAN20. The access-point's management traffic is sent untagged and will be placed in VLAN10.


Port VLAN Configuration


Back to Top

GUI: Access the Graphical User Interface (GUI) on ES-1.

1. Create the VLANs.

VLANs > New VLAN ID

Enter 10 and select + 

VLANs > New VLAN ID

Enter 20 and select + 

2. Assign the ports to the VLANs created above using the wizard.

#Row VLAN1:
Exclude (E) ports: 0/3, 0/6, 0/8, 0/9

#Row VLAN10:
Untagged (U) ports: 0/3, 0/6
Tagged (T) ports: 0/8, 0/9

#Row VLAN20:
Exclude (E) ports: 0/3
Tagged (T) ports: 0/6, 0/8, 0/9

3. Apply the configuration changes.

 

GUI: Access the Graphical User Interface (GUI) on ES-2.

1. Create the VLANs.

VLANs > New VLAN ID

Enter 10 and select + 

VLANs > New VLAN ID

Enter 20 and select + 

2. Assign the ports to the VLANs created above using the wizard.

#Row VLAN1:
Exclude (E) ports: 0/3, 0/6, 0/9

#Row VLAN10:
Exclude (E) ports: 0/6
Untagged (U) ports: 0/3
Tagged (T) ports: 0/9

#Row VLAN20:
Exclude (E) ports: 0/3
Untagged (U) ports: 0/6
Tagged (T) ports: 0/9

3. Apply the configuration changes.

 

The CLI equivalent of this configuration is shown below.

CLI: Access the command line interface (CLI). You can do this by using a program such as PuTTY.
#ES-1
enable

vlan database
vlan 10,20
exit

configure

interface 0/3
description server
vlan pvid 10
vlan participation exclude 1,20
vlan participation include 10
exit

interface 0/6
description uap
vlan tagging 20
vlan pvid 10
vlan participation exclude 1
vlan participation include 10,20
exit

interface 0/8
description edgerouter
vlan tagging 10,20
vlan participation exclude 1
vlan participation include 10,20
exit

interface 0/9
description edgeswitch
vlan tagging 10,20
vlan participation exclude 1
vlan participation include 10,20
exit

#ES-2
enable

vlan database
vlan 10,20
exit

configure

interface 0/3
description client
vlan pvid 10
vlan participation exclude 1,20
vlan participation include 10
exit

interface 0/6
description guest
vlan pvid 20
vlan participation exclude 1,10
vlan participation include 20
exit

interface 0/9
description edgeswitch
vlan tagging 10,20
vlan participation exclude 1
vlan participation include 10,20
exit

Related Articles


Back to Top

EdgeRouter - Router on a Stick

EdgeSwitch - Inter-VLAN Routing

EdgeSwitch - Management Access using HTTPS and SSH