ddrueding
Fixture
I can't seem to understand this properly, and need some help.
I have several wireless links chained together linking some of our offices. These links are inside out network, post-firewall, and are tying a bunch of small offices together for network and internet access purposes. At one end of this network is our main office, where our normal internet connections and firewall are. Several links away, on a mountain, I can get some bandwidth cheap. I believe that vLANs will allow me to partition this chunk of traffic through the wireless links until it reaches our firewall at the main office. I've attached a small schematic that may help (or hurt) my explanation.
What I think I want is to use port mapping on all the switches to specify that ports 7-8 are on the "RED" network (pre-firewall traffic), that ports 6-7 are part of the wireless backbone (passing both kinds of traffic), and ports 1-5 are on the "GREEN" network (secure traffic).
I've acquired some Netgear GS108Tv2 switches, and updated them to the latest firmware (5.0.5.4). I've found the vLAN portion of the web interface, and have created some vLANs. (ID "50" for RED and "100" for GREEN). And now I am looking at the vLAN membership page and not understanding the TAG/UNTAG concept. It seems to be asking for one or the other, and I don't know what it means. The port that connects my cheap ISP to a RED port on my switch needs to be tagged coming in and untagged coming out?
This can't be that complex a concept, but I am struggling.
Thanks in advance!
I have several wireless links chained together linking some of our offices. These links are inside out network, post-firewall, and are tying a bunch of small offices together for network and internet access purposes. At one end of this network is our main office, where our normal internet connections and firewall are. Several links away, on a mountain, I can get some bandwidth cheap. I believe that vLANs will allow me to partition this chunk of traffic through the wireless links until it reaches our firewall at the main office. I've attached a small schematic that may help (or hurt) my explanation.
What I think I want is to use port mapping on all the switches to specify that ports 7-8 are on the "RED" network (pre-firewall traffic), that ports 6-7 are part of the wireless backbone (passing both kinds of traffic), and ports 1-5 are on the "GREEN" network (secure traffic).
I've acquired some Netgear GS108Tv2 switches, and updated them to the latest firmware (5.0.5.4). I've found the vLAN portion of the web interface, and have created some vLANs. (ID "50" for RED and "100" for GREEN). And now I am looking at the vLAN membership page and not understanding the TAG/UNTAG concept. It seems to be asking for one or the other, and I don't know what it means. The port that connects my cheap ISP to a RED port on my switch needs to be tagged coming in and untagged coming out?
This can't be that complex a concept, but I am struggling.
Thanks in advance!
