Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 5 of 5
  1. #1

    VLANs can ping each other

    p-1, port 1 is my trunk port, how would I set these ports tag/untag/PVID in this scenario so that devices in different vlans can't ping/see each other?
    The Router has the subnets/VLANs set on it. I could get the machines on their VLAN and receiving the correct IPs with this config but they could ping each other from different VLANs?
    Attachment 6353

    All I have set at the moment is
    VLAN ID 1 - Untagged Ports - 1-8

    appreciate any help with this!
    Last edited by beamboy; 11-03-2017 at 22:02.

  2. #2
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,127
    As long as you don't isolate the different networks on your router and it is used as the default gateway, the router usually will route traffic from/to those networks independent of their VLAN membership.

  3. #3
    So I still need to isolate (firewall) the networks from each other? Vlan tagging doesn't do that?

  4. #4
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,127
    Quote Originally Posted by beamboy View Post
    So I still need to isolate (firewall) the networks from each other? Vlan tagging doesn't do that?
    In general, enabling VLANs on the router usually will not (and should not) mess around with firewall policies/settings. Usually a router should do routing between subnets managed by the router. You need to define the firewall policy you have in mind if not set as default policy already.

  5. #5
    awesome thanks man got it all sorted, firewall groups for the vlans and a bit of effort.


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright 1996-2017 TP-LINK Technologies Co., Ltd. All rights reserved.