Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 2 of 2
  1. #1
    Junior Member RonMidwest is on a distinguished road
    Join Date
    Mar 2018
    Posts
    1

    Simple VPN Setup

    Model :

    Hardware Version :

    Firmware Version :

    ISP : [/COLOR]

    Good Morning,

    I have a client with a T1600G-52PS switch. The switch is connected to a Comcast Gateway for internet connectivity. They are renting an office to a tenant who has 2 computers and 1 printer. They want to provide Internet and peer to peer network connectivity for them.

    My thought was to run a cable to the tenants office from port 47 of the T1600 and place a cheap 5 port switch there to plug the 3 devices into. I need to isolate that port from the other computers and equipment of the landlord. For the life of me I can't understand how to make this work. My thought was setup a vlan but 10 hours of youtube videos later i'm still confused. Is there a step by step on how this is done? Will they need their own router?

    Thanks

  2. #2
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,638
    Quote Originally Posted by RonMidwest View Post
    Will they need their own router?
    Yes, a separate router (or a VLAN-aware router, which is a logical separate router, albeit physically only one device) is usually needed for two separate networks. Remember, VLANs is a mechanism to re-use the same physical cables/switches/routers for two or more networks. Thus, VLANs only exist inside the network switching/routing infrastructure. Regarding it's edge interfaces (WAN1, WAN2, LAN1, LAN2) the VLANs are split up into separate networks much like you would have each network device twice with separate physical cables.

    But if the router lets you create two separate LANs and supports VLANs, you can easily share the single WAN interface between two isolated LANs.

    If the router isn't VLAN-aware and/or lets you not create additional LANs, you could assign a limited set of IPs to the tenant and use Access Control Lists (ACLs) together with VLANs to separate the tenant's devices from the rest of the LAN network. But I don't recommend this, I always set up two or more separate LANs to create isolated subnets.

    BTW: although VLANs can be used to isolate subnets from each other, they are not a VPN, which usually use tunneling techniques.
    Last edited by R1D2; 03-31-2018 at 17:20.


 

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright 1996-2018 TP-LINK Technologies Co., Ltd. All rights reserved.