This step by step guide shows how to setup VLAN with Zyxel GS/XGS Series Switch. We will show you how to add VLAN and how to set different setup between setup untagged and tagged VLAN. Zyxel supports different Types of VLANs, this KB is based on Tag-based VLAN (802.1Q).
Step by step guide
These steps will show you how to setup a VLAN that separates your Guest traffic in your network, here as example VLAN10. Please note that this tutorial is only covering the configuration of the switch.
3. Set PVID - for devices that dont support VLAN (VLAN-unaware)
1. Login to Switch
Please Login to Switch with default IP 192.168.1.1 and "Ignore" this Message, this can be changed later.
If you're having problems, please look at this article:
Network Switch - Change the switch management IP address [First Login]
2. Add VLAN
Go to:
SWITCHING > VLAN > VLAN Setup > Static VLAN > Add/Edit
"Click" > Static VLAN
Add Name, VLAN ID, select Control and Tagging.
Here we set all Ports to fixed and Tagging, except Port 1-2 this Port will be used for devices that cannot handle VLAN (VLAN unaware like normal PC, A PVID for this port will be needed!) and all other Ports for devices that can VLAN-(VLAN-aware). Last please "Click" on ADD:
Normal: Make the port join this VLAN dynamically
Fixed: Make the Port be a fixed member of this VLAN
Forbidden: Prohibit the port to join the VLAN
3. Set a PVID
For devices that dont support VLAN (VLAN-unaware, like a normal PC).
In Example before Port 1-2 is not set to Tx-Tagging. This Ports should only be member of VLAN10 and not of VLAN1. Go to:
SWITCHING > VLAN > VLAN Setup > VLAN Port Setup
Set Port 1-2 to PVID 10 and apply settings:
Additional deeper Information’s regarding VLAN Trunking you can find here.
Now we check (Go to Advanced Application > VLAN > Status) VLAN1:
Here, our VLAN1 is also untagged on port 1,2 and we only want one single untagged VLAN per port.
Then navigate back to:
SWITCHING > VLAN > VLAN Setup > Static VLAN > Add/Edit
Then select the VLAN1, click "Add/Edit" and change Port1-2 to Forbidden and apply:
Why we do need this?
A port can only support one untagged membership but multiple tagged memberships! In default configuration all Ports are untag assign to VLAN1. Deeper information’s you can find here.
After configuring the switch you should always save your new configuration on the switch.
Otherwise, the switch will lose the changes after a reboot.
Switch Configuration Lost After Power Outage or Power Cycle Issue
4. CLI Example
Example Current configuration after adding VLAN (GS2220-28HP):
show running-config
; Product Name = GS2220-28HP
; Firmware Version = V4.70(ABRR.4) | 06/15/2021
no cloud center discovery
vlan 1
name 1
normal ""
fixed 3-28
forbidden 1-2
untagged 1-28
ip address default-management 192.168.1.11 255.255.255.0
exit
vlan 10
name Guest
normal ""
fixed 1-28
forbidden ""
untagged 1-2
exit
igmp-snooping unknown-multicast-frame drop
igmp-snooping reserved-multicast-group drop
interface port-channel 1
pvid 10
exit
interface port-channel 2
pvid 10
exit
ip name-server 8.8.8.8 1.1.1.1
timesync server 1.pool.ntp.org
timesync ntp
pwr mode consumption
Deeper Informations
If you want to learn / know more about our VLAN design, please have a look here:
VLANs - Tagged VLANs vs. PVID (Setup Example Untagged/Tagged VLAN on a GS22XX-Switch)
VLANs - A deeper look at how they work
Setup Assistance, you´re looking for assisted configuration by our Professional Services Team? Please check here: Zyxel ConfigService Switch
Comments
0 comments
Please sign in to leave a comment.