Isolating one router port from the restIsolating a computer in the networkHow to set up a dd-wrt router, isolating one ethernet port from the restWhat if my core switch is not routing capable (no Layer 3 routing)?Two routers or one router and WAP?DD-WRT and VLANs - Isolating router from network, keeping Internet accessSingle-port 2600 router with 2900XL switchIs there a way to pass VLAN tagged frames through managed switch?Forwarding VPN from one router through anotherDisable Windows Network access for specific router LAN portsConnect 3 L2 switches to router
Where do I get advice and guidance from in my PhD if my supervisor is not an expert in the field I am working on?
Where can I find a database of galactic spectra?
Employer wants to use my work email account after I quit
How do I turn off a repeating trade?
Why is the high-pass filter result in a discrete wavelet transform (DWT) downsampled?
Hand soldering SMD 1206 components
Can humans ever directly see a few photons at a time? Can a human see a single photon?
What's currently blocking the construction of the wall between Mexico and the US?
If I wouldn't want to read the story, is writing it still a good idea?
Interaction between Leyline of Anticipation and Teferi, Time Raveler
Why do some games show lights shine thorugh walls?
Can White Castle?
Does this Wild Magic result affect the sorcerer or just other creatures?
Is it illegal to withhold someone's passport and green card in California?
What are the penalties for overstaying in USA?
Folding basket - is there such a thing?
Computing a trigonometric integral
Capacitors in series INTUITION
Going to get married soon, should I do it on Dec 31 or Jan 1?
Can Ogre clerics use Purify Food and Drink on humanoid characters?
Is it possible writing coservation of relativistic energy in this naive way?
Why is the voltage measurement of this circuit different when the switch is on?
Is adding a new player (or players) a DM decision, or a group decision?
Vanishing of certain coefficients coming from Coxeter groups
Isolating one router port from the rest
Isolating a computer in the networkHow to set up a dd-wrt router, isolating one ethernet port from the restWhat if my core switch is not routing capable (no Layer 3 routing)?Two routers or one router and WAP?DD-WRT and VLANs - Isolating router from network, keeping Internet accessSingle-port 2600 router with 2900XL switchIs there a way to pass VLAN tagged frames through managed switch?Forwarding VPN from one router through anotherDisable Windows Network access for specific router LAN portsConnect 3 L2 switches to router
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I don't know much about TCP/IP and what I'm trying to do seems fairly basic to me but I can't seem to figure it out.
I have one central router connecting to my ISP, and all computers connected to this router are currently able to see each other. I would like to isolate one of the physical ports so that computers connected to this specific port can't see the rest of the network, but are still able to access the internet.
The isolated network will be connected via a managed switch (GS105E). The switch can configure VLANs based on ports and 802.1Q, but I have no clue if that's what I need in order to achieve what I'm after.
So far when I create a different VLAN, the computers on that network can't use the DCHP server and can't connect to the internet.
A possible solution is to add another router instead of the switch, but I was hoping the switch would be able to provide a more efficient and lightweight solution to this.
Is it possible to do this with one router and one switch? Or do I really need 2 routers to create 2 networks?
networking routing tcpip
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
migrated from stackoverflow.com Mar 19 '11 at 13:32
This question came from our site for professional and enthusiast programmers.
add a comment |
I don't know much about TCP/IP and what I'm trying to do seems fairly basic to me but I can't seem to figure it out.
I have one central router connecting to my ISP, and all computers connected to this router are currently able to see each other. I would like to isolate one of the physical ports so that computers connected to this specific port can't see the rest of the network, but are still able to access the internet.
The isolated network will be connected via a managed switch (GS105E). The switch can configure VLANs based on ports and 802.1Q, but I have no clue if that's what I need in order to achieve what I'm after.
So far when I create a different VLAN, the computers on that network can't use the DCHP server and can't connect to the internet.
A possible solution is to add another router instead of the switch, but I was hoping the switch would be able to provide a more efficient and lightweight solution to this.
Is it possible to do this with one router and one switch? Or do I really need 2 routers to create 2 networks?
networking routing tcpip
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
migrated from stackoverflow.com Mar 19 '11 at 13:32
This question came from our site for professional and enthusiast programmers.
add a comment |
I don't know much about TCP/IP and what I'm trying to do seems fairly basic to me but I can't seem to figure it out.
I have one central router connecting to my ISP, and all computers connected to this router are currently able to see each other. I would like to isolate one of the physical ports so that computers connected to this specific port can't see the rest of the network, but are still able to access the internet.
The isolated network will be connected via a managed switch (GS105E). The switch can configure VLANs based on ports and 802.1Q, but I have no clue if that's what I need in order to achieve what I'm after.
So far when I create a different VLAN, the computers on that network can't use the DCHP server and can't connect to the internet.
A possible solution is to add another router instead of the switch, but I was hoping the switch would be able to provide a more efficient and lightweight solution to this.
Is it possible to do this with one router and one switch? Or do I really need 2 routers to create 2 networks?
networking routing tcpip
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
I don't know much about TCP/IP and what I'm trying to do seems fairly basic to me but I can't seem to figure it out.
I have one central router connecting to my ISP, and all computers connected to this router are currently able to see each other. I would like to isolate one of the physical ports so that computers connected to this specific port can't see the rest of the network, but are still able to access the internet.
The isolated network will be connected via a managed switch (GS105E). The switch can configure VLANs based on ports and 802.1Q, but I have no clue if that's what I need in order to achieve what I'm after.
So far when I create a different VLAN, the computers on that network can't use the DCHP server and can't connect to the internet.
A possible solution is to add another router instead of the switch, but I was hoping the switch would be able to provide a more efficient and lightweight solution to this.
Is it possible to do this with one router and one switch? Or do I really need 2 routers to create 2 networks?
networking routing tcpip
networking routing tcpip
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
asked Mar 19 '11 at 13:22
Thijs KoerselmanThijs Koerselman
1012 bronze badges
1012 bronze badges
migrated from stackoverflow.com Mar 19 '11 at 13:32
This question came from our site for professional and enthusiast programmers.
migrated from stackoverflow.com Mar 19 '11 at 13:32
This question came from our site for professional and enthusiast programmers.
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Your router should be able to put port(s) to different VLANs. Say, there are 3 computers A, B, C and a router R. If you want to allow A and B see each other, but isolate them from C, you have an option to add both A and B to vlan1 and C to vlan2. You also need to include R to vlan1 and vlan2 so that both VLANs are able to connect to R. No extra routers are needed.
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
add a comment |
What isn't entirely clear is if your "physical port" is a port on the router or a port in your switch fabric, the right answer changes subtly depending on this. You are, however, talking about VLANs and that makes me suspect it's a port in your switch fabric.
If it's a port in your switch fabric, you need to configure trunking from that port to the central router. You will also need to have one of "trunk ports with native VLAN" or "put all other ports in another VLAN". You will then need to configure two VLANs inside the central router, one for the new and one (possibly untouched) for the existing LAN. After that, you need to filter traffic from the new VLAN to the old.
If it's a physical port, you configure the new port with an IP address range that isn't in use on the existing LAN (or at least will not be in use, afterwards), then configure access-lists (filtering, basically) stopping traffic from the new to the old.
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f249292%2fisolating-one-router-port-from-the-rest%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Your router should be able to put port(s) to different VLANs. Say, there are 3 computers A, B, C and a router R. If you want to allow A and B see each other, but isolate them from C, you have an option to add both A and B to vlan1 and C to vlan2. You also need to include R to vlan1 and vlan2 so that both VLANs are able to connect to R. No extra routers are needed.
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
add a comment |
Your router should be able to put port(s) to different VLANs. Say, there are 3 computers A, B, C and a router R. If you want to allow A and B see each other, but isolate them from C, you have an option to add both A and B to vlan1 and C to vlan2. You also need to include R to vlan1 and vlan2 so that both VLANs are able to connect to R. No extra routers are needed.
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
add a comment |
Your router should be able to put port(s) to different VLANs. Say, there are 3 computers A, B, C and a router R. If you want to allow A and B see each other, but isolate them from C, you have an option to add both A and B to vlan1 and C to vlan2. You also need to include R to vlan1 and vlan2 so that both VLANs are able to connect to R. No extra routers are needed.
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
Your router should be able to put port(s) to different VLANs. Say, there are 3 computers A, B, C and a router R. If you want to allow A and B see each other, but isolate them from C, you have an option to add both A and B to vlan1 and C to vlan2. You also need to include R to vlan1 and vlan2 so that both VLANs are able to connect to R. No extra routers are needed.
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
answered Mar 19 '11 at 13:32
Yasir ArsanukaevYasir Arsanukaev
1814 bronze badges
1814 bronze badges
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
add a comment |
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
By default, the router will happily route traffic between A,B on one side and C on the other. However, broadcast traffic will not pass between the two VLANs.
– Vatine
Jun 17 '11 at 11:35
add a comment |
What isn't entirely clear is if your "physical port" is a port on the router or a port in your switch fabric, the right answer changes subtly depending on this. You are, however, talking about VLANs and that makes me suspect it's a port in your switch fabric.
If it's a port in your switch fabric, you need to configure trunking from that port to the central router. You will also need to have one of "trunk ports with native VLAN" or "put all other ports in another VLAN". You will then need to configure two VLANs inside the central router, one for the new and one (possibly untouched) for the existing LAN. After that, you need to filter traffic from the new VLAN to the old.
If it's a physical port, you configure the new port with an IP address range that isn't in use on the existing LAN (or at least will not be in use, afterwards), then configure access-lists (filtering, basically) stopping traffic from the new to the old.
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
add a comment |
What isn't entirely clear is if your "physical port" is a port on the router or a port in your switch fabric, the right answer changes subtly depending on this. You are, however, talking about VLANs and that makes me suspect it's a port in your switch fabric.
If it's a port in your switch fabric, you need to configure trunking from that port to the central router. You will also need to have one of "trunk ports with native VLAN" or "put all other ports in another VLAN". You will then need to configure two VLANs inside the central router, one for the new and one (possibly untouched) for the existing LAN. After that, you need to filter traffic from the new VLAN to the old.
If it's a physical port, you configure the new port with an IP address range that isn't in use on the existing LAN (or at least will not be in use, afterwards), then configure access-lists (filtering, basically) stopping traffic from the new to the old.
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
add a comment |
What isn't entirely clear is if your "physical port" is a port on the router or a port in your switch fabric, the right answer changes subtly depending on this. You are, however, talking about VLANs and that makes me suspect it's a port in your switch fabric.
If it's a port in your switch fabric, you need to configure trunking from that port to the central router. You will also need to have one of "trunk ports with native VLAN" or "put all other ports in another VLAN". You will then need to configure two VLANs inside the central router, one for the new and one (possibly untouched) for the existing LAN. After that, you need to filter traffic from the new VLAN to the old.
If it's a physical port, you configure the new port with an IP address range that isn't in use on the existing LAN (or at least will not be in use, afterwards), then configure access-lists (filtering, basically) stopping traffic from the new to the old.
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
What isn't entirely clear is if your "physical port" is a port on the router or a port in your switch fabric, the right answer changes subtly depending on this. You are, however, talking about VLANs and that makes me suspect it's a port in your switch fabric.
If it's a port in your switch fabric, you need to configure trunking from that port to the central router. You will also need to have one of "trunk ports with native VLAN" or "put all other ports in another VLAN". You will then need to configure two VLANs inside the central router, one for the new and one (possibly untouched) for the existing LAN. After that, you need to filter traffic from the new VLAN to the old.
If it's a physical port, you configure the new port with an IP address range that isn't in use on the existing LAN (or at least will not be in use, afterwards), then configure access-lists (filtering, basically) stopping traffic from the new to the old.
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
answered Jun 17 '11 at 11:33
VatineVatine
4,93017 silver badges22 bronze badges
4,93017 silver badges22 bronze badges
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f249292%2fisolating-one-router-port-from-the-rest%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
